From c9dc0164b8ad1cb23faf6120749bcc349a7bfd45 Mon Sep 17 00:00:00 2001 From: rhe Date: Mon, 29 Aug 2016 05:47:09 +0000 Subject: import Ruby/OpenSSL 2.0.0.beta.1 * NEWS, {ext,test,sample}/openssl: Import Ruby/OpenSSL 2.0.0.beta.1. ext/openssl is now converted into a default gem. The full commit history since r55538 can be found at: https://github.com/ruby/openssl/compare/08e1881f5663...v2.0.0.beta.1 [Feature #9612] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56027 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- NEWS | 6 + ext/openssl/extconf.rb | 1 + ext/openssl/lib/openssl/cipher.rb | 38 +-- ext/openssl/lib/openssl/digest.rb | 12 +- ext/openssl/lib/openssl/pkey.rb | 3 + ext/openssl/lib/openssl/ssl.rb | 112 +++++---- ext/openssl/openssl.gemspec | 45 ++++ ext/openssl/openssl_missing.c | 6 +- ext/openssl/openssl_missing.h | 12 +- ext/openssl/ossl.c | 181 ++++++------- ext/openssl/ossl.h | 25 +- ext/openssl/ossl_asn1.c | 22 +- ext/openssl/ossl_asn1.h | 6 +- ext/openssl/ossl_bio.c | 4 +- ext/openssl/ossl_bn.c | 165 +++++++----- ext/openssl/ossl_cipher.c | 273 ++++++++++++++------ ext/openssl/ossl_config.c | 17 +- ext/openssl/ossl_config.h | 1 - ext/openssl/ossl_digest.c | 30 ++- ext/openssl/ossl_engine.c | 8 +- ext/openssl/ossl_hmac.c | 100 ++++---- ext/openssl/ossl_ns_spki.c | 3 +- ext/openssl/ossl_ocsp.c | 108 ++++++-- ext/openssl/ossl_pkcs12.c | 37 ++- ext/openssl/ossl_pkcs5.c | 18 +- ext/openssl/ossl_pkcs7.c | 17 +- ext/openssl/ossl_pkey.c | 42 ++-- ext/openssl/ossl_pkey.h | 2 - ext/openssl/ossl_pkey_dh.c | 47 ++-- ext/openssl/ossl_pkey_dsa.c | 42 ++-- ext/openssl/ossl_pkey_ec.c | 377 ++++++++++++++++----------- ext/openssl/ossl_pkey_rsa.c | 38 ++- ext/openssl/ossl_rand.c | 17 +- ext/openssl/ossl_ssl.c | 204 +++++++++------ ext/openssl/ossl_ssl_session.c | 76 ++++-- ext/openssl/ossl_version.h | 2 +- ext/openssl/ossl_x509.c | 80 +++++- ext/openssl/ossl_x509.h | 3 +- ext/openssl/ossl_x509attr.c | 44 +++- ext/openssl/ossl_x509cert.c | 41 +-- ext/openssl/ossl_x509crl.c | 65 ++--- ext/openssl/ossl_x509ext.c | 100 ++++---- ext/openssl/ossl_x509name.c | 49 ++-- ext/openssl/ossl_x509req.c | 20 +- ext/openssl/ossl_x509revoked.c | 49 +++- ext/openssl/ossl_x509store.c | 224 ++++++++++++++--- sample/openssl/cipher.rb | 4 +- test/openssl/test_cipher.rb | 90 ++++++- test/openssl/test_config.rb | 2 +- test/openssl/test_engine.rb | 13 +- test/openssl/test_ocsp.rb | 159 ++++++++---- test/openssl/test_pair.rb | 34 ++- test/openssl/test_partial_record_read.rb | 35 --- test/openssl/test_pkcs12.rb | 5 + test/openssl/test_pkey.rb | 49 ++++ test/openssl/test_pkey_dh.rb | 78 +++--- test/openssl/test_pkey_dsa.rb | 275 ++++++++------------ test/openssl/test_pkey_ec.rb | 419 ++++++++++++++++--------------- test/openssl/test_pkey_rsa.rb | 344 +++++++++---------------- test/openssl/test_ssl.rb | 267 +++++++++++++------- test/openssl/test_ssl_session.rb | 6 + test/openssl/test_x509attr.rb | 11 + test/openssl/test_x509crl.rb | 4 + test/openssl/test_x509ext.rb | 30 ++- test/openssl/test_x509name.rb | 5 + test/openssl/test_x509req.rb | 7 +- test/openssl/test_x509store.rb | 7 + test/openssl/ut_eof.rb | 129 ++++++++++ test/openssl/utils.rb | 38 ++- 69 files changed, 2970 insertions(+), 1813 deletions(-) create mode 100644 ext/openssl/openssl.gemspec delete mode 100644 test/openssl/test_partial_record_read.rb create mode 100644 test/openssl/test_pkey.rb create mode 100644 test/openssl/ut_eof.rb diff --git a/NEWS b/NEWS index 8cfd8b059b..bf8263c213 100644 --- a/NEWS +++ b/NEWS @@ -123,6 +123,12 @@ with all sufficient information, see the ChangeLog file or Redmine * Add an into option. [Feature #11191] +* OpenSSL + + * OpenSSL is extracted as a gem and the upstream has been migrated to + https://github.com/ruby/openssl. OpenSSL still remains as a default gem. + Refer to its History.md for the full release note. [Feature #9612] + === Compatibility issues (excluding feature bug fixes) * Array#sum and Enumerable#sum are implemented. [Feature #12217] diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index ad92a287a6..bf78428619 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -147,6 +147,7 @@ have_func("EVP_PKEY_up_ref") OpenSSL.check_func_or_macro("SSL_CTX_set_tmp_ecdh_callback", "openssl/ssl.h") # removed OpenSSL.check_func_or_macro("SSL_CTX_set_min_proto_version", "openssl/ssl.h") have_func("SSL_CTX_get_security_level") +have_func("X509_get0_notBefore") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/lib/openssl/cipher.rb b/ext/openssl/lib/openssl/cipher.rb index a69d5ac827..af721b3a80 100644 --- a/ext/openssl/lib/openssl/cipher.rb +++ b/ext/openssl/lib/openssl/cipher.rb @@ -18,7 +18,7 @@ module OpenSSL klass = Class.new(Cipher){ define_method(:initialize){|*args| cipher_name = args.inject(name){|n, arg| "#{n}-#{arg}" } - super(cipher_name) + super(cipher_name.downcase) } } const_set(name, klass) @@ -26,34 +26,42 @@ module OpenSSL %w(128 192 256).each{|keylen| klass = Class.new(Cipher){ - define_method(:initialize){|mode| - mode ||= "CBC" - cipher_name = "AES-#{keylen}-#{mode}" - super(cipher_name) + define_method(:initialize){|mode = "CBC"| + super("aes-#{keylen}-#{mode}".downcase) } } const_set("AES#{keylen}", klass) } - # Generate, set, and return a random key. - # You must call cipher.encrypt or cipher.decrypt before calling this method. + # call-seq: + # cipher.random_key -> key + # + # Generate a random key with OpenSSL::Random.random_bytes and sets it to + # the cipher, and returns it. + # + # You must call #encrypt or #decrypt before calling this method. def random_key str = OpenSSL::Random.random_bytes(self.key_len) self.key = str - return str end - # Generate, set, and return a random iv. - # You must call cipher.encrypt or cipher.decrypt before calling this method. + # call-seq: + # cipher.random_iv -> iv + # + # Generate a random IV with OpenSSL::Random.random_bytes and sets it to the + # cipher, and returns it. + # + # You must call #encrypt or #decrypt before calling this method. def random_iv str = OpenSSL::Random.random_bytes(self.iv_len) self.iv = str - return str end - # This class is only provided for backwards compatibility. Use OpenSSL::Cipher in the future. - class Cipher < Cipher - # add warning - end + # Deprecated. + # + # This class is only provided for backwards compatibility. + # Use OpenSSL::Cipher. + class Cipher < Cipher; end + deprecate_constant :Cipher end # Cipher end # OpenSSL diff --git a/ext/openssl/lib/openssl/digest.rb b/ext/openssl/lib/openssl/digest.rb index 1a236cc77d..97ccbc9569 100644 --- a/ext/openssl/lib/openssl/digest.rb +++ b/ext/openssl/lib/openssl/digest.rb @@ -53,15 +53,9 @@ module OpenSSL # Deprecated. # # This class is only provided for backwards compatibility. - class Digest < Digest # :nodoc: - # Deprecated. - # - # See OpenSSL::Digest.new - def initialize(*args) - warn('Digest::Digest is deprecated; use Digest') - super(*args) - end - end + # Use OpenSSL::Digest instead. + class Digest < Digest; end # :nodoc: + deprecate_constant :Digest end # Digest diff --git a/ext/openssl/lib/openssl/pkey.rb b/ext/openssl/lib/openssl/pkey.rb index df126fd9f0..9af5f781f9 100644 --- a/ext/openssl/lib/openssl/pkey.rb +++ b/ext/openssl/lib/openssl/pkey.rb @@ -4,6 +4,7 @@ module OpenSSL if defined?(OpenSSL::PKey::DH) class DH + # :nodoc: DEFAULT_1024 = new <<-_end_of_pem_ -----BEGIN DH PARAMETERS----- MIGHAoGBAJ0lOVy0VIr/JebWn0zDwY2h+rqITFOpdNr6ugsgvkDXuucdcChhYExJ @@ -12,6 +13,7 @@ T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC -----END DH PARAMETERS----- _end_of_pem_ + # :nodoc: DEFAULT_2048 = new <<-_end_of_pem_ -----BEGIN DH PARAMETERS----- MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY @@ -24,6 +26,7 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 _end_of_pem_ end + # :nodoc: DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen| warn "using default DH parameters." if $VERBOSE case keylen diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb index 00c3275319..519ea11a54 100644 --- a/ext/openssl/lib/openssl/ssl.rb +++ b/ext/openssl/lib/openssl/ssl.rb @@ -16,44 +16,11 @@ require "io/nonblock" module OpenSSL module SSL class SSLContext + # :nodoc: DEFAULT_PARAMS = { :ssl_version => "SSLv23", :verify_mode => OpenSSL::SSL::VERIFY_PEER, - :ciphers => %w{ - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-GCM-SHA256 - DHE-DSS-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-DSS-AES256-GCM-SHA384 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - DHE-RSA-AES128-SHA - DHE-RSA-AES256-SHA - DHE-DSS-AES128-SHA256 - DHE-DSS-AES256-SHA256 - DHE-DSS-AES128-SHA - DHE-DSS-AES256-SHA - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - ECDHE-ECDSA-RC4-SHA - ECDHE-RSA-RC4-SHA - RC4-SHA - }.join(":"), + :verify_hostname => true, :options => -> { opts = OpenSSL::SSL::OP_ALL opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS @@ -63,10 +30,50 @@ module OpenSSL }.call } + if !(OpenSSL::OPENSSL_VERSION.start_with?("OpenSSL") && + OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10100000) + DEFAULT_PARAMS.merge!( + ciphers: %w{ + ECDHE-ECDSA-AES128-GCM-SHA256 + ECDHE-RSA-AES128-GCM-SHA256 + ECDHE-ECDSA-AES256-GCM-SHA384 + ECDHE-RSA-AES256-GCM-SHA384 + DHE-RSA-AES128-GCM-SHA256 + DHE-DSS-AES128-GCM-SHA256 + DHE-RSA-AES256-GCM-SHA384 + DHE-DSS-AES256-GCM-SHA384 + ECDHE-ECDSA-AES128-SHA256 + ECDHE-RSA-AES128-SHA256 + ECDHE-ECDSA-AES128-SHA + ECDHE-RSA-AES128-SHA + ECDHE-ECDSA-AES256-SHA384 + ECDHE-RSA-AES256-SHA384 + ECDHE-ECDSA-AES256-SHA + ECDHE-RSA-AES256-SHA + DHE-RSA-AES128-SHA256 + DHE-RSA-AES256-SHA256 + DHE-RSA-AES128-SHA + DHE-RSA-AES256-SHA + DHE-DSS-AES128-SHA256 + DHE-DSS-AES256-SHA256 + DHE-DSS-AES128-SHA + DHE-DSS-AES256-SHA + AES128-GCM-SHA256 + AES256-GCM-SHA384 + AES128-SHA256 + AES256-SHA256 + AES128-SHA + AES256-SHA + }.join(":"), + ) + end + + # :nodoc: DEFAULT_CERT_STORE = OpenSSL::X509::Store.new DEFAULT_CERT_STORE.set_default_paths DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL + # :nodoc: INIT_VARS = ["cert", "key", "client_ca", "ca_file", "ca_path", "timeout", "verify_mode", "verify_depth", "renegotiation_cb", "verify_callback", "cert_store", "extra_chain_cert", @@ -74,7 +81,7 @@ module OpenSSL "session_get_cb", "session_new_cb", "session_remove_cb", "tmp_ecdh_callback", "servername_cb", "npn_protocols", "alpn_protocols", "alpn_select_cb", - "npn_select_cb"].map { |x| "@#{x}" } + "npn_select_cb", "verify_hostname"].map { |x| "@#{x}" } # A callback invoked when DH parameters are required. # @@ -110,13 +117,17 @@ module OpenSSL end ## - # Sets the parameters for this SSL context to the values in +params+. + # call-seq: + # ctx.set_params(params = {}) -> params + # + # Sets saner defaults optimized for the use with HTTP-like protocols. + # + # If a Hash +params+ is given, the parameters are overridden with it. # The keys in +params+ must be assignment methods on SSLContext. # # If the verify_mode is not VERIFY_NONE and ca_file, ca_path and # cert_store are not set then the system default certificate store is # used. - def set_params(params={}) params = DEFAULT_PARAMS.merge(params) params.each{|name, value| self.__send__("#{name}=", value) } @@ -251,10 +262,17 @@ module OpenSSL attr_reader :hostname end - attr_reader :io, :context - attr_accessor :sync_close + # The underlying IO object. + attr_reader :io alias :to_io :io + # The SSLContext object used in this connection. + attr_reader :context + + # Whether to close the underlying socket as well, when the SSL/TLS + # connection is shut down. This defaults to +false+. + attr_accessor :sync_close + # call-seq: # ssl.sysclose => nil # @@ -268,8 +286,10 @@ module OpenSSL io.close if sync_close end - ## - # Perform hostname verification after an SSL connection is established + # call-seq: + # ssl.post_connection_check(hostname) -> true + # + # Perform hostname verification following RFC 6125. # # This method MUST be called after calling #connect to ensure that the # hostname of a remote peer has been verified. @@ -277,7 +297,8 @@ module OpenSSL if peer_cert.nil? msg = "Peer verification enabled, but no certificate received." if using_anon_cipher? - msg += " Anonymous cipher suite #{cipher[0]} was negotiated. Anonymous suites must be disabled to use peer verification." + msg += " Anonymous cipher suite #{cipher[0]} was negotiated. " \ + "Anonymous suites must be disabled to use peer verification." end raise SSLError, msg end @@ -288,6 +309,11 @@ module OpenSSL return true end + # call-seq: + # ssl.session -> aSession + # + # Returns the SSLSession object currently used, or nil if the session is + # not established. def session SSL::Session.new(self) rescue SSL::Session::SessionError diff --git a/ext/openssl/openssl.gemspec b/ext/openssl/openssl.gemspec new file mode 100644 index 0000000000..4254a9fd6b --- /dev/null +++ b/ext/openssl/openssl.gemspec @@ -0,0 +1,45 @@ +# -*- encoding: utf-8 -*- +# stub: openssl 2.0.0.beta.1 ruby lib +# stub: ext/openssl/extconf.rb + +Gem::Specification.new do |s| + s.name = "openssl".freeze + s.version = "2.0.0.beta.1" + + s.required_rubygems_version = Gem::Requirement.new("> 1.3.1".freeze) if s.respond_to? :required_rubygems_version= + s.require_paths = ["lib".freeze] + s.authors = ["Martin Bosslet".freeze, "SHIBATA Hiroshi".freeze, "Zachary Scott".freeze, "Kazuki Yamaguchi".freeze] + s.date = "2016-08-29" + s.description = "It wraps the OpenSSL library.".freeze + s.email = ["ruby-core@ruby-lang.org".freeze] + s.extensions = ["ext/openssl/extconf.rb".freeze] + s.extra_rdoc_files = ["CONTRIBUTING.md".freeze, "History.md".freeze, "README.md".freeze] + s.files = ["BSDL".freeze, "CONTRIBUTING.md".freeze, "History.md".freeze, "LICENSE.txt".freeze, "README.md".freeze, "ext/openssl/deprecation.rb".freeze, "ext/openssl/extconf.rb".freeze, "ext/openssl/openssl_missing.c".freeze, "ext/openssl/openssl_missing.h".freeze, "ext/openssl/ossl.c".freeze, "ext/openssl/ossl.h".freeze, "ext/openssl/ossl_asn1.c".freeze, "ext/openssl/ossl_asn1.h".freeze, "ext/openssl/ossl_bio.c".freeze, "ext/openssl/ossl_bio.h".freeze, "ext/openssl/ossl_bn.c".freeze, "ext/openssl/ossl_bn.h".freeze, "ext/openssl/ossl_cipher.c".freeze, "ext/openssl/ossl_cipher.h".freeze, "ext/openssl/ossl_config.c".freeze, "ext/openssl/ossl_config.h".freeze, "ext/openssl/ossl_digest.c".freeze, "ext/openssl/ossl_digest.h".freeze, "ext/openssl/ossl_engine.c".freeze, "ext/openssl/ossl_engine.h".freeze, "ext/openssl/ossl_hmac.c".freeze, "ext/openssl/ossl_hmac.h".freeze, "ext/openssl/ossl_ns_spki.c".freeze, "ext/openssl/ossl_ns_spki.h".freeze, "ext/openssl/ossl_ocsp.c".freeze, "ext/openssl/ossl_ocsp.h".freeze, "ext/openssl/ossl_pkcs12.c".freeze, "ext/openssl/ossl_pkcs12.h".freeze, "ext/openssl/ossl_pkcs5.c".freeze, "ext/openssl/ossl_pkcs5.h".freeze, "ext/openssl/ossl_pkcs7.c".freeze, "ext/openssl/ossl_pkcs7.h".freeze, "ext/openssl/ossl_pkey.c".freeze, "ext/openssl/ossl_pkey.h".freeze, "ext/openssl/ossl_pkey_dh.c".freeze, "ext/openssl/ossl_pkey_dsa.c".freeze, "ext/openssl/ossl_pkey_ec.c".freeze, "ext/openssl/ossl_pkey_rsa.c".freeze, "ext/openssl/ossl_rand.c".freeze, "ext/openssl/ossl_rand.h".freeze, "ext/openssl/ossl_ssl.c".freeze, "ext/openssl/ossl_ssl.h".freeze, "ext/openssl/ossl_ssl_session.c".freeze, "ext/openssl/ossl_version.h".freeze, "ext/openssl/ossl_x509.c".freeze, "ext/openssl/ossl_x509.h".freeze, "ext/openssl/ossl_x509attr.c".freeze, "ext/openssl/ossl_x509cert.c".freeze, "ext/openssl/ossl_x509crl.c".freeze, "ext/openssl/ossl_x509ext.c".freeze, "ext/openssl/ossl_x509name.c".freeze, "ext/openssl/ossl_x509req.c".freeze, "ext/openssl/ossl_x509revoked.c".freeze, "ext/openssl/ossl_x509store.c".freeze, "ext/openssl/ruby_missing.h".freeze, "lib/openssl.rb".freeze, "lib/openssl/bn.rb".freeze, "lib/openssl/buffering.rb".freeze, "lib/openssl/cipher.rb".freeze, "lib/openssl/config.rb".freeze, "lib/openssl/digest.rb".freeze, "lib/openssl/pkey.rb".freeze, "lib/openssl/ssl.rb".freeze, "lib/openssl/x509.rb".freeze] + s.homepage = "https://www.ruby-lang.org/".freeze + s.licenses = ["Ruby".freeze] + s.rdoc_options = ["--main".freeze, "README.md".freeze] + s.required_ruby_version = Gem::Requirement.new(">= 2.3.0".freeze) + s.rubygems_version = "2.6.6".freeze + s.summary = "OpenSSL provides SSL, TLS and general purpose cryptography.".freeze + + if s.respond_to? :specification_version then + s.specification_version = 4 + + if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then + s.add_development_dependency(%q.freeze, ["~> 10.3"]) + s.add_development_dependency(%q.freeze, ["~> 0.9"]) + s.add_development_dependency(%q.freeze, ["~> 3.0"]) + s.add_development_dependency(%q.freeze, ["~> 4.2"]) + else + s.add_dependency(%q.freeze, ["~> 10.3"]) + s.add_dependency(%q.freeze, ["~> 0.9"]) + s.add_dependency(%q.freeze, ["~> 3.0"]) + s.add_dependency(%q.freeze, ["~> 4.2"]) + end + else + s.add_dependency(%q.freeze, ["~> 10.3"]) + s.add_dependency(%q.freeze, ["~> 0.9"]) + s.add_dependency(%q.freeze, ["~> 3.0"]) + s.add_dependency(%q.freeze, ["~> 4.2"]) + end +end diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c index cb22647c86..cc13b7a3a5 100644 --- a/ext/openssl/openssl_missing.c +++ b/ext/openssl/openssl_missing.c @@ -150,7 +150,8 @@ HMAC_CTX_free(HMAC_CTX *ctx) #if !defined(HAVE_X509_CRL_GET0_SIGNATURE) void -X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl) +X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, + const X509_ALGOR **palg) { if (psig != NULL) *psig = crl->signature; @@ -161,7 +162,8 @@ X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl #if !defined(HAVE_X509_REQ_GET0_SIGNATURE) void -X509_REQ_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_REQ *req) +X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, + const X509_ALGOR **palg) { if (psig != NULL) *psig = req->signature; diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 769c7c2d24..897d6235b0 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -110,11 +110,11 @@ void HMAC_CTX_free(HMAC_CTX *ctx); #endif #if !defined(HAVE_X509_CRL_GET0_SIGNATURE) -void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl); +void X509_CRL_get0_signature(const X509_CRL *, const ASN1_BIT_STRING **, const X509_ALGOR **); #endif #if !defined(HAVE_X509_REQ_GET0_SIGNATURE) -void X509_REQ_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_REQ *req); +void X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, const X509_ALGOR **); #endif #if !defined(HAVE_X509_REVOKED_GET0_SERIALNUMBER) @@ -231,6 +231,14 @@ IMPL_PKEY_GETTER(EC_KEY, ec) #if defined(HAVE_AUTHENTICATED_ENCRYPTION) && !defined(EVP_CTRL_AEAD_GET_TAG) # define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG # define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG +# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN +#endif + +#if !defined(HAVE_X509_GET0_NOTBEFORE) +# define X509_get0_notBefore(x) X509_get_notBefore(x) +# define X509_get0_notAfter(x) X509_get_notAfter(x) +# define X509_CRL_get0_lastUpdate(x) X509_CRL_get_lastUpdate(x) +# define X509_CRL_get0_nextUpdate(x) X509_CRL_get_nextUpdate(x) #endif #endif /* _OSSL_OPENSSL_MISSING_H_ */ diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index 83baa7b63c..a9000f25a3 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -9,40 +9,7 @@ */ #include "ossl.h" #include /* for ossl_raise */ - -/* - * String to HEXString conversion - */ -int -string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len) -{ - static const char hex[]="0123456789abcdef"; - int i, len; - - if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */ - return -1; - } - len = 2 * buf_len; - if (!hexbuf) { /* if no buf, return calculated len */ - if (hexbuf_len) { - *hexbuf_len = len; - } - return len; - } - if (!(*hexbuf = OPENSSL_malloc(len + 1))) { - return -1; - } - for (i = 0; i < buf_len; i++) { - (*hexbuf)[2 * i] = hex[((unsigned char)buf[i]) >> 4]; - (*hexbuf)[2 * i + 1] = hex[buf[i] & 0x0f]; - } - (*hexbuf)[2 * i] = '\0'; - - if (hexbuf_len) { - *hexbuf_len = len; - } - return len; -} +#include /* for OpenSSL < 1.1.0 locks */ /* * Data Conversion @@ -77,7 +44,7 @@ STACK_OF(type) * \ ossl_protect_##name##_ary2sk(VALUE ary, int *status) \ { \ return (STACK_OF(type)*)rb_protect( \ - (VALUE(*)_((VALUE)))ossl_##name##_ary2sk0, \ + (VALUE (*)(VALUE))ossl_##name##_ary2sk0, \ ary, \ status); \ } \ @@ -97,7 +64,7 @@ OSSL_IMPL_ARY2SK(x509, X509, cX509Cert, DupX509CertPtr) #define OSSL_IMPL_SK2ARY(name, type) \ VALUE \ -ossl_##name##_sk2ary(STACK_OF(type) *sk) \ +ossl_##name##_sk2ary(const STACK_OF(type) *sk) \ { \ type *t; \ int i, num; \ @@ -136,7 +103,7 @@ ossl_buf2str(char *buf, int len) VALUE str; int status = 0; - str = rb_protect((VALUE(*)_((VALUE)))ossl_str_new, len, &status); + str = rb_protect((VALUE (*)(VALUE))ossl_str_new, len, &status); if(!NIL_P(str)) memcpy(RSTRING_PTR(str), buf, len); OPENSSL_free(buf); if(status) rb_jump_tag(status); @@ -144,6 +111,21 @@ ossl_buf2str(char *buf, int len) return str; } +void +ossl_bin2hex(unsigned char *in, char *out, size_t inlen) +{ + const char *hex = "0123456789abcdef"; + size_t i; + + assert(inlen <= LONG_MAX / 2); + for (i = 0; i < inlen; i++) { + unsigned char p = in[i]; + + out[i * 2 + 0] = hex[p >> 4]; + out[i * 2 + 1] = hex[p & 0x0f]; + } +} + /* * our default PEM callback */ @@ -242,54 +224,54 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_) int ossl_store_ctx_ex_verify_cb_idx; int ossl_store_ex_verify_cb_idx; -VALUE +struct ossl_verify_cb_args { + VALUE proc; + VALUE preverify_ok; + VALUE store_ctx; +}; + +static VALUE ossl_call_verify_cb_proc(struct ossl_verify_cb_args *args) { return rb_funcall(args->proc, rb_intern("call"), 2, - args->preverify_ok, args->store_ctx); + args->preverify_ok, args->store_ctx); } int -ossl_verify_cb(int ok, X509_STORE_CTX *ctx) +ossl_verify_cb_call(VALUE proc, int ok, X509_STORE_CTX *ctx) { - VALUE proc, rctx, ret; + VALUE rctx, ret; struct ossl_verify_cb_args args; - int state = 0; + int state; - proc = (VALUE)X509_STORE_CTX_get_ex_data(ctx, ossl_store_ctx_ex_verify_cb_idx); - if (!proc) - proc = (VALUE)X509_STORE_get_ex_data(X509_STORE_CTX_get0_store(ctx), ossl_store_ex_verify_cb_idx); - if (!proc) + if (NIL_P(proc)) return ok; - if (!NIL_P(proc)) { - ret = Qfalse; - rctx = rb_protect((VALUE(*)(VALUE))ossl_x509stctx_new, - (VALUE)ctx, &state); + + ret = Qfalse; + rctx = rb_protect((VALUE(*)(VALUE))ossl_x509stctx_new, (VALUE)ctx, &state); + if (state) { + rb_set_errinfo(Qnil); + rb_warn("StoreContext initialization failure"); + } + else { + args.proc = proc; + args.preverify_ok = ok ? Qtrue : Qfalse; + args.store_ctx = rctx; + ret = rb_protect((VALUE(*)(VALUE))ossl_call_verify_cb_proc, (VALUE)&args, &state); if (state) { rb_set_errinfo(Qnil); - rb_warn("StoreContext initialization failure"); - } - else { - args.proc = proc; - args.preverify_ok = ok ? Qtrue : Qfalse; - args.store_ctx = rctx; - ret = rb_protect((VALUE(*)(VALUE))ossl_call_verify_cb_proc, (VALUE)&args, &state); - if (state) { - rb_set_errinfo(Qnil); - rb_warn("exception in verify_callback is ignored"); - } - ossl_x509stctx_clear_ptr(rctx); - } - if (ret == Qtrue) { - X509_STORE_CTX_set_error(ctx, X509_V_OK); - ok = 1; - } - else{ - if (X509_STORE_CTX_get_error(ctx) == X509_V_OK) { - X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED); - } - ok = 0; + rb_warn("exception in verify_callback is ignored"); } + ossl_x509stctx_clear_ptr(rctx); + } + if (ret == Qtrue) { + X509_STORE_CTX_set_error(ctx, X509_V_OK); + ok = 1; + } + else { + if (X509_STORE_CTX_get_error(ctx) == X509_V_OK) + X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED); + ok = 0; } return ok; @@ -453,24 +435,14 @@ ossl_debug_get(VALUE self) * call-seq: * OpenSSL.debug = boolean -> boolean * - * Turns on or off CRYPTO_MEM_CHECK. - * Also shows some debugging message on stderr. + * Turns on or off debug mode. With debug mode, all erros added to the OpenSSL + * error queue will be printed to stderr. */ static VALUE ossl_debug_set(VALUE self, VALUE val) { - VALUE old = dOSSL; - dOSSL = val; - - if (old != dOSSL) { - if (dOSSL == Qtrue) { - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - fprintf(stderr, "OSSL_DEBUG: IS NOW ON!\n"); - } else if (old == Qtrue) { - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF); - fprintf(stderr, "OSSL_DEBUG: IS NOW OFF!\n"); - } - } + dOSSL = RTEST(val) ? Qtrue : Qfalse; + return val; } @@ -483,9 +455,8 @@ ossl_debug_set(VALUE self, VALUE val) * so otherwise will result in an error. * * === Examples - * - * OpenSSL.fips_mode = true # turn FIPS mode on - * OpenSSL.fips_mode = false # and off again + * OpenSSL.fips_mode = true # turn FIPS mode on + * OpenSSL.fips_mode = false # and off again */ static VALUE ossl_fips_mode_set(VALUE self, VALUE enabled) @@ -512,7 +483,6 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) /** * Stores locks needed for OpenSSL thread safety */ -#include "ruby/thread_native.h" static rb_nativethread_lock_t *ossl_locks; static void @@ -602,20 +572,6 @@ static void Init_ossl_locks(void) * OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the * OpenSSL[http://www.openssl.org/] library. * - * = Install - * - * OpenSSL comes bundled with the Standard Library of Ruby. - * - * This means the OpenSSL extension is compiled with Ruby and packaged on - * build. During compile time, Ruby will need to link against the OpenSSL - * library on your system. However, you cannot use openssl provided by Apple to - * build standard library openssl. - * - * If you use OSX, you should install another openssl and run ```./configure - * --with-openssl-dir=/path/to/another-openssl```. For Homebrew user, run `brew - * install openssl` and then ```./configure --with-openssl-dir=`brew --prefix - * openssl` ```. - * * = Examples * * All examples assume you have loaded OpenSSL with: @@ -660,10 +616,12 @@ static void Init_ossl_locks(void) * * key2 = OpenSSL::PKey::RSA.new File.read 'private_key.pem' * key2.public? # => true + * key2.private? # => true * * or * * key3 = OpenSSL::PKey::RSA.new File.read 'public_key.pem' + * key3.public? # => true * key3.private? # => false * * === Loading an Encrypted Key @@ -910,7 +868,7 @@ static void Init_ossl_locks(void) * ca_key = OpenSSL::PKey::RSA.new 2048 * pass_phrase = 'my secure pass phrase goes here' * - * cipher = OpenSSL::Cipher::Cipher.new 'AES-128-CBC' + * cipher = OpenSSL::Cipher.new 'AES-128-CBC' * * open 'ca_key.pem', 'w', 0400 do |io| * io.write ca_key.export(cipher, pass_phrase) @@ -1063,15 +1021,21 @@ static void Init_ossl_locks(void) * SSLSocket#connect must be called to initiate the SSL handshake and start * encryption. A key and certificate are not required for the client socket. * + * Note that SSLSocket#close doesn't close the underlying socket by default. Set + * SSLSocket#sync_close to true if you want. + * * require 'socket' * * tcp_socket = TCPSocket.new 'localhost', 5000 * ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context + * ssl_client.sync_close = true * ssl_client.connect * * ssl_client.puts "hello server!" * puts ssl_client.gets * + * ssl_client.close # shutdown the TLS connection and close tcp_socket + * * === Peer Verification * * An unverified SSL connection does not provide much security. For enhanced @@ -1160,11 +1124,14 @@ Init_openssl(void) /* * Boolean indicating whether OpenSSL is FIPS-enabled or not */ + rb_define_const(mOSSL, "OPENSSL_FIPS", #ifdef OPENSSL_FIPS - rb_define_const(mOSSL, "OPENSSL_FIPS", Qtrue); + Qtrue #else - rb_define_const(mOSSL, "OPENSSL_FIPS", Qfalse); + Qfalse #endif + ); + rb_define_module_function(mOSSL, "fips_mode=", ossl_fips_mode_set, 1); /* diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h index 2317fa8b5e..864d068342 100644 --- a/ext/openssl/ossl.h +++ b/ext/openssl/ossl.h @@ -96,20 +96,15 @@ extern VALUE eOSSLError; }\ } while (0) -/* - * String to HEXString conversion - */ -int string2hex(const unsigned char *, int, char **, int *); - /* * Data Conversion */ STACK_OF(X509) *ossl_x509_ary2sk0(VALUE); STACK_OF(X509) *ossl_x509_ary2sk(VALUE); STACK_OF(X509) *ossl_protect_x509_ary2sk(VALUE,int*); -VALUE ossl_x509_sk2ary(STACK_OF(X509) *certs); -VALUE ossl_x509crl_sk2ary(STACK_OF(X509_CRL) *crl); -VALUE ossl_x509name_sk2ary(STACK_OF(X509_NAME) *names); +VALUE ossl_x509_sk2ary(const STACK_OF(X509) *certs); +VALUE ossl_x509crl_sk2ary(const STACK_OF(X509_CRL) *crl); +VALUE ossl_x509name_sk2ary(const STACK_OF(X509_NAME) *names); VALUE ossl_buf2str(char *buf, int len); #define ossl_str_adjust(str, p) \ do{\ @@ -118,6 +113,11 @@ do{\ assert(newlen <= len);\ rb_str_set_len((str), newlen);\ }while(0) +/* + * Convert binary string to hex string. The caller is responsible for + * ensuring out has (2 * len) bytes of capacity. + */ +void ossl_bin2hex(unsigned char *in, char *out, size_t len); /* * Our default PEM callback @@ -154,14 +154,7 @@ void ossl_clear_error(void); extern int ossl_store_ctx_ex_verify_cb_idx; extern int ossl_store_ex_verify_cb_idx; -struct ossl_verify_cb_args { - VALUE proc; - VALUE preverify_ok; - VALUE store_ctx; -}; - -VALUE ossl_call_verify_cb_proc(struct ossl_verify_cb_args *); -int ossl_verify_cb(int, X509_STORE_CTX *); +int ossl_verify_cb_call(VALUE, int, X509_STORE_CTX *); /* * String to DER String diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index cbedd59efa..85b1f02e62 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -28,7 +28,7 @@ static VALUE ossl_asn1eoc_initialize(VALUE self); * DATE conversion */ VALUE -asn1time_to_time(ASN1_TIME *time) +asn1time_to_time(const ASN1_TIME *time) { struct tm tm; VALUE argv[6]; @@ -103,7 +103,7 @@ time_to_time_t(VALUE time) * STRING conversion */ VALUE -asn1str_to_str(ASN1_STRING *str) +asn1str_to_str(const ASN1_STRING *str) { return rb_str_new((const char *)str->data, str->length); } @@ -114,7 +114,7 @@ asn1str_to_str(ASN1_STRING *str) */ #define DO_IT_VIA_RUBY 0 VALUE -asn1integer_to_num(ASN1_INTEGER *ai) +asn1integer_to_num(const ASN1_INTEGER *ai) { BIGNUM *bn; #if DO_IT_VIA_RUBY @@ -126,7 +126,8 @@ asn1integer_to_num(ASN1_INTEGER *ai) ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!"); } if (ai->type == V_ASN1_ENUMERATED) - bn = ASN1_ENUMERATED_to_BN(ai, NULL); + /* const_cast: workaround for old OpenSSL */ + bn = ASN1_ENUMERATED_to_BN((ASN1_ENUMERATED *)ai, NULL); else bn = ASN1_INTEGER_to_BN(ai, NULL); @@ -383,7 +384,7 @@ decode_int(unsigned char* der, long length) p = der; if(!(ai = d2i_ASN1_INTEGER(NULL, &p, length))) ossl_raise(eASN1Error, NULL); - ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, + ret = rb_protect((VALUE (*)(VALUE))asn1integer_to_num, (VALUE)ai, &status); ASN1_INTEGER_free(ai); if(status) rb_jump_tag(status); @@ -423,7 +424,7 @@ decode_enum(unsigned char* der, long length) p = der; if(!(ai = d2i_ASN1_ENUMERATED(NULL, &p, length))) ossl_raise(eASN1Error, NULL); - ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, + ret = rb_protect((VALUE (*)(VALUE))asn1integer_to_num, (VALUE)ai, &status); ASN1_ENUMERATED_free(ai); if(status) rb_jump_tag(status); @@ -485,7 +486,7 @@ decode_time(unsigned char* der, long length) p = der; if(!(time = d2i_ASN1_TIME(NULL, &p, length))) ossl_raise(eASN1Error, NULL); - ret = rb_protect((VALUE(*)_((VALUE)))asn1time_to_time, + ret = rb_protect((VALUE (*)(VALUE))asn1time_to_time, (VALUE)time, &status); ASN1_TIME_free(time); if(status) rb_jump_tag(status); @@ -1471,7 +1472,8 @@ Init_ossl_asn1(void) int i; #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif sUNIVERSAL = rb_intern("UNIVERSAL"); @@ -1806,10 +1808,6 @@ Init_ossl_asn1(void) * it is not typically allocated this way, but rather that are received from * parsed ASN1 encodings. * - * While OpenSSL::ASN1::ObjectId.new will allocate a new ObjectId, it is - * not typically allocated this way, but rather that are received from - * parsed ASN1 encodings. - * * === Additional attributes * * +sn+: the short name as defined in . * * +ln+: the long name as defined in . diff --git a/ext/openssl/ossl_asn1.h b/ext/openssl/ossl_asn1.h index b1c85a6804..d6a170c86c 100644 --- a/ext/openssl/ossl_asn1.h +++ b/ext/openssl/ossl_asn1.h @@ -13,7 +13,7 @@ /* * ASN1_DATE conversions */ -VALUE asn1time_to_time(ASN1_TIME *); +VALUE asn1time_to_time(const ASN1_TIME *); #if defined(HAVE_ASN1_TIME_ADJ) /* Splits VALUE to seconds and offset days. VALUE is typically a Time or an * Integer. This is used when updating ASN1_*TIME with ASN1_TIME_adj() or @@ -27,12 +27,12 @@ time_t time_to_time_t(VALUE); /* * ASN1_STRING conversions */ -VALUE asn1str_to_str(ASN1_STRING *); +VALUE asn1str_to_str(const ASN1_STRING *); /* * ASN1_INTEGER conversions */ -VALUE asn1integer_to_num(ASN1_INTEGER *); +VALUE asn1integer_to_num(const ASN1_INTEGER *); ASN1_INTEGER *num_to_asn1integer(VALUE, ASN1_INTEGER *); /* diff --git a/ext/openssl/ossl_bio.c b/ext/openssl/ossl_bio.c index cd2582646b..feaf229604 100644 --- a/ext/openssl/ossl_bio.c +++ b/ext/openssl/ossl_bio.c @@ -51,7 +51,7 @@ BIO * ossl_protect_obj2bio(VALUE obj, int *status) { BIO *ret = NULL; - ret = (BIO*)rb_protect((VALUE(*)_((VALUE)))ossl_obj2bio, obj, status); + ret = (BIO*)rb_protect((VALUE (*)(VALUE))ossl_obj2bio, obj, status); return ret; } @@ -70,7 +70,7 @@ ossl_membio2str0(BIO *bio) VALUE ossl_protect_membio2str(BIO *bio, int *status) { - return rb_protect((VALUE(*)_((VALUE)))ossl_membio2str0, (VALUE)bio, status); + return rb_protect((VALUE (*)(VALUE))ossl_membio2str0, (VALUE)bio, status); } VALUE diff --git a/ext/openssl/ossl_bn.c b/ext/openssl/ossl_bn.c index 6a0a21eb83..19a868c334 100644 --- a/ext/openssl/ossl_bn.c +++ b/ext/openssl/ossl_bn.c @@ -51,8 +51,6 @@ static const rb_data_type_t ossl_bn_type = { VALUE cBN; /* Document-class: OpenSSL::BNError - * - * BNError < OpenSSLError * * Generic Error for all of OpenSSL::BN (big num) */ @@ -77,25 +75,66 @@ ossl_bn_new(const BIGNUM *bn) return obj; } +static BIGNUM * +integer_to_bnptr(VALUE obj, BIGNUM *orig) +{ + BIGNUM *bn; + + if (FIXNUM_P(obj)) { + long i; + unsigned char bin[sizeof(long)]; + long n = FIX2LONG(obj); + unsigned long un = labs(n); + + for (i = sizeof(long) - 1; 0 <= i; i--) { + bin[i] = un & 0xff; + un >>= 8; + } + + bn = BN_bin2bn(bin, sizeof(bin), orig); + if (!bn) + ossl_raise(eBNError, "BN_bin2bn"); + if (n < 0) + BN_set_negative(bn, 1); + } + else { /* assuming Bignum */ + size_t len = rb_absint_size(obj, NULL); + unsigned char *bin; + VALUE buf; + int sign; + + if (INT_MAX < len) { + rb_raise(eBNError, "bignum too long"); + } + bin = (unsigned char*)ALLOCV_N(unsigned char, buf, len); + sign = rb_integer_pack(obj, bin, len, 1, 0, INTEGER_PACK_BIG_ENDIAN); + + bn = BN_bin2bn(bin, (int)len, orig); + ALLOCV_END(buf); + if (!bn) + ossl_raise(eBNError, "BN_bin2bn"); + if (sign < 0) + BN_set_negative(bn, 1); + } + + return bn; +} + static BIGNUM * try_convert_to_bnptr(VALUE obj) { BIGNUM *bn = NULL; VALUE newobj; - if (RTEST(rb_obj_is_kind_of(obj, cBN))) { + if (rb_obj_is_kind_of(obj, cBN)) { GetBN(obj, bn); - } else switch (TYPE(obj)) { - case T_FIXNUM: - case T_BIGNUM: - obj = rb_String(obj); - newobj = NewBN(cBN); /* GC bug */ - if (!BN_dec2bn(&bn, StringValueCStr(obj))) { - ossl_raise(eBNError, NULL); - } - SetBN(newobj, bn); /* Handle potencial mem leaks */ - break; } + else if (RB_INTEGER_TYPE_P(obj)) { + newobj = NewBN(cBN); /* Handle potencial mem leaks */ + bn = integer_to_bnptr(obj, NULL); + SetBN(newobj, bn); + } + return bn; } @@ -135,6 +174,7 @@ ossl_bn_alloc(VALUE klass) /* Document-method: OpenSSL::BN.new * + * call-seq: * OpenSSL::BN.new => aBN * OpenSSL::BN.new(bn) => aBN * OpenSSL::BN.new(integer) => aBN @@ -154,45 +194,13 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self) base = NUM2INT(bs); } - if (RB_TYPE_P(str, T_FIXNUM)) { - long i; - unsigned char bin[sizeof(long)]; - long n = FIX2LONG(str); - unsigned long un = labs(n); - - for (i = sizeof(long) - 1; 0 <= i; i--) { - bin[i] = un&0xff; - un >>= 8; - } - + if (RB_INTEGER_TYPE_P(str)) { GetBN(self, bn); - if (!BN_bin2bn(bin, sizeof(bin), bn)) { - ossl_raise(eBNError, NULL); - } - if (n < 0) BN_set_negative(bn, 1); - return self; - } - else if (RB_TYPE_P(str, T_BIGNUM)) { - size_t len = rb_absint_size(str, NULL); - unsigned char *bin; - VALUE buf; - int sign; - - if (INT_MAX < len) { - rb_raise(eBNError, "bignum too long"); - } - bin = (unsigned char*)ALLOCV_N(unsigned char, buf, len); - sign = rb_integer_pack(str, bin, len, 1, 0, INTEGER_PACK_BIG_ENDIAN); + integer_to_bnptr(str, bn); - GetBN(self, bn); - if (!BN_bin2bn(bin, (int)len, bn)) { - ALLOCV_END(buf); - ossl_raise(eBNError, NULL); - } - ALLOCV_END(buf); - if (sign < 0) BN_set_negative(bn, 1); return self; } + if (RTEST(rb_obj_is_kind_of(str, cBN))) { BIGNUM *other; @@ -239,11 +247,11 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self) * * === Parameters * * +base+ - integer - * * * Valid values: - * * * * 0 - MPI - * * * * 2 - binary - * * * * 10 - the default - * * * * 16 - hex + * Valid values: + * * 0 - MPI + * * 2 - binary + * * 10 - the default + * * 16 - hex */ static VALUE ossl_bn_to_s(int argc, VALUE *argv, VALUE self) @@ -346,18 +354,21 @@ ossl_bn_coerce(VALUE self, VALUE other) /* * Document-method: OpenSSL::BN#zero? + * call-seq: * bn.zero? => true | false */ BIGNUM_BOOL1(is_zero) /* * Document-method: OpenSSL::BN#one? + * call-seq: * bn.one? => true | false */ BIGNUM_BOOL1(is_one) /* * Document-method: OpenSSL::BN#odd? + * call-seq: * bn.odd? => true | false */ BIGNUM_BOOL1(is_odd) @@ -383,6 +394,7 @@ BIGNUM_BOOL1(is_odd) /* * Document-method: OpenSSL::BN#sqr + * call-seq: * bn.sqr => aBN */ BIGNUM_1c(sqr) @@ -408,12 +420,14 @@ BIGNUM_1c(sqr) /* * Document-method: OpenSSL::BN#+ + * call-seq: * bn + bn2 => aBN */ BIGNUM_2(add) /* * Document-method: OpenSSL::BN#- + * call-seq: * bn - bn2 => aBN */ BIGNUM_2(sub) @@ -439,42 +453,49 @@ BIGNUM_2(sub) /* * Document-method: OpenSSL::BN#* + * call-seq: * bn * bn2 => aBN */ BIGNUM_2c(mul) /* * Document-method: OpenSSL::BN#% + * call-seq: * bn % bn2 => aBN */ BIGNUM_2c(mod) /* * Document-method: OpenSSL::BN#** + * call-seq: * bn ** bn2 => aBN */ BIGNUM_2c(exp) /* * Document-method: OpenSSL::BN#gcd + * call-seq: * bn.gcd(bn2) => aBN */ BIGNUM_2c(gcd) /* * Document-method: OpenSSL::BN#mod_sqr + * call-seq: * bn.mod_sqr(bn2) => aBN */ BIGNUM_2c(mod_sqr) /* * Document-method: OpenSSL::BN#mod_inverse + * call-seq: * bn.mod_inverse(bn2) => aBN */ BIGNUM_2c(mod_inverse) /* * Document-method: OpenSSL::BN#/ + * call-seq: * bn1 / bn2 => [result, remainder] * * Division of OpenSSL::BN instances @@ -529,24 +550,28 @@ ossl_bn_div(VALUE self, VALUE other) /* * Document-method: OpenSSL::BN#mod_add + * call-seq: * bn.mod_add(bn1, bn2) -> aBN */ BIGNUM_3c(mod_add) /* * Document-method: OpenSSL::BN#mod_sub + * call-seq: * bn.mod_sub(bn1, bn2) -> aBN */ BIGNUM_3c(mod_sub) /* * Document-method: OpenSSL::BN#mod_mul + * call-seq: * bn.mod_mul(bn1, bn2) -> aBN */ BIGNUM_3c(mod_mul) /* * Document-method: OpenSSL::BN#mod_exp + * call-seq: * bn.mod_exp(bn1, bn2) -> aBN */ BIGNUM_3c(mod_exp) @@ -565,29 +590,31 @@ BIGNUM_3c(mod_exp) /* * Document-method: OpenSSL::BN#set_bit! + * call-seq: * bn.set_bit!(bit) -> self */ BIGNUM_BIT(set_bit) /* * Document-method: OpenSSL::BN#clear_bit! + * call-seq: * bn.clear_bit!(bit) -> self */ BIGNUM_BIT(clear_bit) /* * Document-method: OpenSSL::BN#mask_bit! + * call-seq: * bn.mask_bit!(bit) -> self */ BIGNUM_BIT(mask_bits) /* Document-method: OpenSSL::BN#bit_set? + * call-seq: + * bn.bit_set?(bit) => true | false * * Returns boolean of whether +bit+ is set. * Bitwise operations for openssl BIGNUMs. - * - * bn.bit_set?(bit) => true | false - * */ static VALUE ossl_bn_is_bit_set(VALUE self, VALUE bit) @@ -653,12 +680,14 @@ BIGNUM_SHIFT(rshift) /* * Document-method: OpenSSL::BN#lshift! + * call-seq: * bn.lshift!(bits) -> self */ BIGNUM_SELF_SHIFT(lshift) /* * Document-method: OpenSSL::BN#rshift! + * call-seq: * bn.rshift!(bits) -> self */ BIGNUM_SELF_SHIFT(rshift) @@ -722,6 +751,7 @@ BIGNUM_RAND(pseudo_rand) /* * Document-method: OpenSSL::BN.rand_range + * call-seq: * BN.rand_range(range) -> aBN * */ @@ -729,6 +759,7 @@ BIGNUM_RAND_RANGE(rand) /* * Document-method: OpenSSL::BN.pseudo_rand_range + * call-seq: * BN.pseudo_rand_range(range) -> aBN * */ @@ -785,17 +816,19 @@ ossl_bn_s_generate_prime(int argc, VALUE *argv, VALUE klass) { \ BIGNUM *bn; \ GetBN(self, bn); \ - return INT2FIX(BN_##func(bn)); \ + return INT2NUM(BN_##func(bn)); \ } /* * Document-method: OpenSSL::BN#num_bytes + * call-seq: * bn.num_bytes => integer */ BIGNUM_NUM(num_bytes) /* * Document-method: OpenSSL::BN#num_bits + * call-seq: * bn.num_bits => integer */ BIGNUM_NUM(num_bits) @@ -824,21 +857,24 @@ ossl_bn_copy(VALUE self, VALUE other) { \ BIGNUM *bn1, *bn2 = GetBNPtr(other); \ GetBN(self, bn1); \ - return INT2FIX(BN_##func(bn1, bn2)); \ + return INT2NUM(BN_##func(bn1, bn2)); \ } /* * Document-method: OpenSSL::BN#cmp + * call-seq: * bn.cmp(bn2) => integer */ /* * Document-method: OpenSSL::BN#<=> + * call-seq: * bn <=> bn2 => integer */ BIGNUM_CMP(cmp) /* * Document-method: OpenSSL::BN#ucmp + * call-seq: * bn.ucmp(bn2) => integer */ BIGNUM_CMP(ucmp) @@ -921,9 +957,9 @@ ossl_bn_hash(VALUE self) * bn.prime? => true | false * bn.prime?(checks) => true | false * - * Performs a Miller-Rabin probabilistic primality test with +checks+ - * iterations. If +nchecks+ is not specified, a number of iterations is used - * that yields a false positive rate of at most 2^-80 for random input. + * Performs a Miller-Rabin probabilistic primality test with +checks+ + * iterations. If +nchecks+ is not specified, a number of iterations is used + * that yields a false positive rate of at most 2^-80 for random input. * * === Parameters * * +checks+ - integer @@ -957,8 +993,8 @@ ossl_bn_is_prime(int argc, VALUE *argv, VALUE self) * bn.prime_fasttest?(checks) => true | false * bn.prime_fasttest?(checks, trial_div) => true | false * - * Performs a Miller-Rabin primality test. This is same as #prime? except this - * first attempts trial divisions with some small primes. + * Performs a Miller-Rabin primality test. This is same as #prime? except this + * first attempts trial divisions with some small primes. * * === Parameters * * +checks+ - integer @@ -1001,7 +1037,8 @@ void Init_ossl_bn(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif if (!(ossl_bn_ctx = BN_CTX_new())) { diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index be7a0321ae..f1f3459ef2 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -36,6 +36,7 @@ */ VALUE cCipher; VALUE eCipherError; +static ID id_auth_tag_len; static VALUE ossl_cipher_alloc(VALUE klass); static void ossl_cipher_free(void *ptr); @@ -54,11 +55,24 @@ static const rb_data_type_t ossl_cipher_type = { const EVP_CIPHER * GetCipherPtr(VALUE obj) { - EVP_CIPHER_CTX *ctx; + if (rb_obj_is_kind_of(obj, cCipher)) { + EVP_CIPHER_CTX *ctx; + + GetCipher(obj, ctx); + + return EVP_CIPHER_CTX_cipher(ctx); + } + else { + const EVP_CIPHER *cipher; - SafeGetCipher(obj, ctx); + StringValueCStr(obj); + cipher = EVP_get_cipherbyname(RSTRING_PTR(obj)); + if (!cipher) + ossl_raise(rb_eArgError, + "unsupported cipher algorithm: %"PRIsVALUE, obj); - return EVP_CIPHER_CTX_cipher(ctx); + return cipher; + } } VALUE @@ -248,7 +262,7 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode) * * Make sure to call Cipher#encrypt or Cipher#decrypt before using any of the * following methods: - * * [key=, iv=, random_key, random_iv, pkcs5_keyivgen] + * * [#key=, #iv=, #random_key, #random_iv, #pkcs5_keyivgen] * * Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 1). */ @@ -266,7 +280,7 @@ ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self) * * Make sure to call Cipher#encrypt or Cipher#decrypt before using any of the * following methods: - * * [key=, iv=, random_key, random_iv, pkcs5_keyivgen] + * * [#key=, #iv=, #random_key, #random_iv, #pkcs5_keyivgen] * * Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 0). */ @@ -278,20 +292,20 @@ ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self) /* * call-seq: - * cipher.pkcs5_keyivgen(pass [, salt [, iterations [, digest]]] ) -> nil + * cipher.pkcs5_keyivgen(pass, salt = nil, iterations = 2048, digest = "MD5") -> nil * * Generates and sets the key/IV based on a password. * - * WARNING: This method is only PKCS5 v1.5 compliant when using RC2, RC4-40, + * *WARNING*: This method is only PKCS5 v1.5 compliant when using RC2, RC4-40, * or DES with MD5 or SHA1. Using anything else (like AES) will generate the * key/iv using an OpenSSL specific method. This method is deprecated and * should no longer be used. Use a PKCS5 v2 key generation method from * OpenSSL::PKCS5 instead. * * === Parameters - * +salt+ must be an 8 byte string if provided. - * +iterations+ is a integer with a default of 2048. - * +digest+ is a Digest object that defaults to 'MD5' + * * +salt+ must be an 8 byte string if provided. + * * +iterations+ is a integer with a default of 2048. + * * +digest+ is a Digest object that defaults to 'MD5' * * A minimum of 1000 iterations is recommended. * @@ -331,25 +345,23 @@ ossl_cipher_update_long(EVP_CIPHER_CTX *ctx, unsigned char *out, long *out_len_p const unsigned char *in, long in_len) { int out_part_len; + int limit = INT_MAX / 2 + 1; long out_len = 0; -#define UPDATE_LENGTH_LIMIT INT_MAX - -#if SIZEOF_LONG > UPDATE_LENGTH_LIMIT - if (in_len > UPDATE_LENGTH_LIMIT) { - const int in_part_len = (UPDATE_LENGTH_LIMIT / 2 + 1) & ~1; - do { - if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, - &out_part_len, in, in_part_len)) - return 0; - out_len += out_part_len; - in += in_part_len; - } while ((in_len -= in_part_len) > UPDATE_LENGTH_LIMIT); - } -#endif - if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, - &out_part_len, in, (int)in_len)) - return 0; - if (out_len_ptr) *out_len_ptr = out_len += out_part_len; + + do { + int in_part_len = in_len > limit ? limit : (int)in_len; + + if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, + &out_part_len, in, in_part_len)) + return 0; + + out_len += out_part_len; + in += in_part_len; + } while ((in_len -= limit) > 0); + + if (out_len_ptr) + *out_len_ptr = out_len; + return 1; } @@ -362,9 +374,8 @@ ossl_cipher_update_long(EVP_CIPHER_CTX *ctx, unsigned char *out, long *out_len_p * data chunk. When done, the output of Cipher#final should be additionally * added to the result. * - * === Parameters - * +data+ is a nonempty string. - * +buffer+ is an optional string to store the result. + * If +buffer+ is given, the encryption/decryption result will be written to + * it. +buffer+ will be resized automatically. */ static VALUE ossl_cipher_update(int argc, VALUE *argv, VALUE self) @@ -499,12 +510,17 @@ static VALUE ossl_cipher_set_iv(VALUE self, VALUE iv) { EVP_CIPHER_CTX *ctx; - int iv_len; + int iv_len = 0; StringValue(iv); GetCipher(self, ctx); - iv_len = EVP_CIPHER_CTX_iv_length(ctx); +#if defined(HAVE_AUTHENTICATED_ENCRYPTION) + if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) + iv_len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx); +#endif + if (!iv_len) + iv_len = EVP_CIPHER_CTX_iv_length(ctx); if (RSTRING_LEN(iv) != iv_len) ossl_raise(rb_eArgError, "iv must be %d bytes", iv_len); @@ -562,8 +578,9 @@ ossl_cipher_set_auth_data(VALUE self, VALUE data) * then set on the decryption cipher to authenticate the contents of the * ciphertext against changes. If the optional integer parameter +tag_len+ is * given, the returned tag will be +tag_len+ bytes long. If the parameter is - * omitted, the maximum length of 16 bytes will be returned. For maximum - * security, the default of 16 bytes should be chosen. + * omitted, the default length of 16 bytes or the length previously set by + * #auth_tag_len= will be used. For maximum security, the longest possible + * should be chosen. * * The tag may only be retrieved after calling Cipher#final. */ @@ -574,7 +591,10 @@ ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self) EVP_CIPHER_CTX *ctx; int tag_len = 16; - if (rb_scan_args(argc, argv, "01", &vtag_len) == 1) + rb_scan_args(argc, argv, "01", &vtag_len); + if (NIL_P(vtag_len)) + vtag_len = rb_attr_get(self, id_auth_tag_len); + if (!NIL_P(vtag_len)) tag_len = NUM2INT(vtag_len); GetCipher(self, ctx); @@ -600,6 +620,9 @@ ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self) * decrypting any of the ciphertext. After all decryption is * performed, the tag is verified automatically in the call to * Cipher#final. + * + * For OCB mode, the tag length must be supplied with #auth_tag_len= + * beforehand. */ static VALUE ossl_cipher_set_auth_tag(VALUE self, VALUE vtag) @@ -622,6 +645,36 @@ ossl_cipher_set_auth_tag(VALUE self, VALUE vtag) return vtag; } +/* + * call-seq: + * cipher.auth_tag_len = Integer -> Integer + * + * Sets the length of the authentication tag to be generated or to be given for + * AEAD ciphers that requires it as in input parameter. Note that not all AEAD + * ciphers support this method. + * + * In OCB mode, the length must be supplied both when encrypting and when + * decrypting, and must be before specifying an IV. + */ +static VALUE +ossl_cipher_set_auth_tag_len(VALUE self, VALUE vlen) +{ + int tag_len = NUM2INT(vlen); + EVP_CIPHER_CTX *ctx; + + GetCipher(self, ctx); + if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) + ossl_raise(eCipherError, "AEAD not supported by this cipher"); + + if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, NULL)) + ossl_raise(eCipherError, "unable to set authentication tag length"); + + /* for #auth_tag */ + rb_ivar_set(self, id_auth_tag_len, INT2NUM(tag_len)); + + return vlen; +} + /* * call-seq: * cipher.authenticated? -> boolean @@ -638,11 +691,43 @@ ossl_cipher_is_authenticated(VALUE self) return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse; } + +/* + * call-seq: + * cipher.iv_len = integer -> integer + * + * Sets the IV/nonce length of the Cipher. Normally block ciphers don't allow + * changing the IV length, but some make use of IV for 'nonce'. You may need + * this for interoperability with other applications. + */ +static VALUE +ossl_cipher_set_iv_length(VALUE self, VALUE iv_length) +{ + int len = NUM2INT(iv_length); + EVP_CIPHER_CTX *ctx; + + GetCipher(self, ctx); + if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) + ossl_raise(eCipherError, "cipher does not support AEAD"); + + if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL)) + ossl_raise(eCipherError, "unable to set IV length"); + + /* + * EVP_CIPHER_CTX_iv_length() returns the default length. So we need to save + * the length somewhere. Luckily currently we aren't using app_data. + */ + EVP_CIPHER_CTX_set_app_data(ctx, (void *)(VALUE)len); + + return iv_length; +} #else #define ossl_cipher_set_auth_data rb_f_notimplement #define ossl_cipher_get_auth_tag rb_f_notimplement #define ossl_cipher_set_auth_tag rb_f_notimplement +#define ossl_cipher_set_auth_tag_len rb_f_notimplement #define ossl_cipher_is_authenticated rb_f_notimplement +#define ossl_cipher_set_iv_length rb_f_notimplement #endif /* @@ -692,36 +777,60 @@ ossl_cipher_set_padding(VALUE self, VALUE padding) return padding; } -#define CIPHER_0ARG_INT(func) \ - static VALUE \ - ossl_cipher_##func(VALUE self) \ - { \ - EVP_CIPHER_CTX *ctx; \ - GetCipher(self, ctx); \ - return INT2NUM(EVP_CIPHER_##func(EVP_CIPHER_CTX_cipher(ctx))); \ - } - /* * call-seq: * cipher.key_len -> integer * * Returns the key length in bytes of the Cipher. */ -CIPHER_0ARG_INT(key_length) +static VALUE +ossl_cipher_key_length(VALUE self) +{ + EVP_CIPHER_CTX *ctx; + + GetCipher(self, ctx); + + return INT2NUM(EVP_CIPHER_CTX_key_length(ctx)); +} + /* * call-seq: * cipher.iv_len -> integer * * Returns the expected length in bytes for an IV for this Cipher. */ -CIPHER_0ARG_INT(iv_length) +static VALUE +ossl_cipher_iv_length(VALUE self) +{ + EVP_CIPHER_CTX *ctx; + int len = 0; + + GetCipher(self, ctx); +#if defined(HAVE_AUTHENTICATED_ENCRYPTION) + if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) + len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx); +#endif + if (!len) + len = EVP_CIPHER_CTX_iv_length(ctx); + + return INT2NUM(len); +} + /* * call-seq: * cipher.block_size -> integer * * Returns the size in bytes of the blocks on which this Cipher operates on. */ -CIPHER_0ARG_INT(block_size) +static VALUE +ossl_cipher_block_size(VALUE self) +{ + EVP_CIPHER_CTX *ctx; + + GetCipher(self, ctx); + + return INT2NUM(EVP_CIPHER_CTX_block_size(ctx)); +} /* * INIT @@ -730,7 +839,8 @@ void Init_ossl_cipher(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif /* Document-class: OpenSSL::Cipher @@ -843,16 +953,16 @@ Init_ossl_cipher(void) * of the IV as a nonce (number used once) - it's public but random and * unpredictable. A secure random IV can be created as follows * - * cipher = ... - * cipher.encrypt - * key = cipher.random_key - * iv = cipher.random_iv # also sets the generated IV on the Cipher + * cipher = ... + * cipher.encrypt + * key = cipher.random_key + * iv = cipher.random_iv # also sets the generated IV on the Cipher * - * Although the key is generally a random value, too, it is a bad choice - * as an IV. There are elaborate ways how an attacker can take advantage - * of such an IV. As a general rule of thumb, exposing the key directly - * or indirectly should be avoided at all cost and exceptions only be - * made with good reason. + * Although the key is generally a random value, too, it is a bad choice + * as an IV. There are elaborate ways how an attacker can take advantage + * of such an IV. As a general rule of thumb, exposing the key directly + * or indirectly should be avoided at all cost and exceptions only be + * made with good reason. * * === Calling Cipher#final * @@ -906,29 +1016,42 @@ Init_ossl_cipher(void) * could otherwise be exploited to modify ciphertexts in ways beneficial to * potential attackers. * - * If no associated data is needed for encryption and later decryption, - * the OpenSSL library still requires a value to be set - "" may be used in - * case none is available. An example using the GCM (Galois Counter Mode): + * An associated data is used where there is additional information, such as + * headers or some metadata, that must be also authenticated but not + * necessarily need to be encrypted. If no associated data is needed for + * encryption and later decryption, the OpenSSL library still requires a + * value to be set - "" may be used in case none is available. * - * cipher = OpenSSL::Cipher.new("aes-128-gcm") - * cipher.encrypt - * key = cipher.random_key - * iv = cipher.random_iv - * cipher.auth_data = "" + * An example using the GCM (Galois/Counter Mode). You have 16 bytes +key+, + * 12 bytes (96 bits) +nonce+ and the associated data +auth_data+. Be sure + * not to reuse the +key+ and +nonce+ pair. Reusing an nonce ruins the + * security gurantees of GCM mode. + * + * cipher = OpenSSL::Cipher::AES.new(128, :GCM).encrypt + * cipher.key = key + * cipher.iv = nonce + * cipher.auth_data = auth_data * * encrypted = cipher.update(data) + cipher.final - * tag = cipher.auth_tag + * tag = cipher.auth_tag # produces 16 bytes tag by default * - * decipher = OpenSSL::Cipher.new("aes-128-gcm") - * decipher.decrypt + * Now you are the receiver. You know the +key+ and have received +nonce+, + * +auth_data+, +encrypted+ and +tag+ through an untrusted network. Note + * that GCM accepts an arbitrary length tag between 1 and 16 bytes. You may + * additionally need to check that the received tag has the correct length, + * or you allow attackers to forge a valid single byte tag for the tampered + * ciphertext with a probability of 1/256. + * + * raise "tag is truncated!" unless tag.bytesize == 16 + * decipher = OpenSSL::Cipher::AES.new(128, :GCM).decrypt * decipher.key = key - * decipher.iv = iv + * decipher.iv = nonce * decipher.auth_tag = tag - * decipher.auth_data = "" + * decipher.auth_data = auth_data * - * plain = decipher.update(encrypted) + decipher.final + * decrypted = decipher.update(encrypted) + decipher.final * - * puts data == plain #=> true + * puts data == decrypted #=> true */ cCipher = rb_define_class_under(mOSSL, "Cipher", rb_cObject); eCipherError = rb_define_class_under(cCipher, "CipherError", eOSSLError); @@ -948,11 +1071,15 @@ Init_ossl_cipher(void) rb_define_method(cCipher, "auth_data=", ossl_cipher_set_auth_data, 1); rb_define_method(cCipher, "auth_tag=", ossl_cipher_set_auth_tag, 1); rb_define_method(cCipher, "auth_tag", ossl_cipher_get_auth_tag, -1); + rb_define_method(cCipher, "auth_tag_len=", ossl_cipher_set_auth_tag_len, 1); rb_define_method(cCipher, "authenticated?", ossl_cipher_is_authenticated, 0); rb_define_method(cCipher, "key_len=", ossl_cipher_set_key_length, 1); rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0); rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1); + rb_define_method(cCipher, "iv_len=", ossl_cipher_set_iv_length, 1); rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0); rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0); rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1); + + id_auth_tag_len = rb_intern_const("auth_tag_len"); } diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c index 4e00fbe4ad..ebf6ae2a3d 100644 --- a/ext/openssl/ossl_config.c +++ b/ext/openssl/ossl_config.c @@ -26,13 +26,13 @@ VALUE eConfigError; */ /* - * GetConfigPtr is a public C-level function for getting OpenSSL CONF struct + * DupConfigPtr is a public C-level function for getting OpenSSL CONF struct * from an OpenSSL::Config(eConfig) instance. We decided to implement * OpenSSL::Config in Ruby level but we need to pass native CONF struct for * some OpenSSL features such as X509V3_EXT_*. */ CONF * -GetConfigPtr(VALUE obj) +DupConfigPtr(VALUE obj) { CONF *conf; VALUE str; @@ -50,9 +50,10 @@ GetConfigPtr(VALUE obj) if(!NCONF_load_bio(conf, bio, &eline)){ BIO_free(bio); NCONF_free(conf); - if (eline <= 0) ossl_raise(eConfigError, "wrong config format"); - else ossl_raise(eConfigError, "error in line %d", eline); - ossl_raise(eConfigError, NULL); + if (eline <= 0) + ossl_raise(eConfigError, "wrong config format"); + else + ossl_raise(eConfigError, "error in line %d", eline); } BIO_free(bio); @@ -71,6 +72,12 @@ void Init_ossl_config(void) { char *default_config_file; + +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif + eConfigError = rb_define_class_under(mOSSL, "ConfigError", eOSSLError); cConfig = rb_define_class_under(mOSSL, "Config", rb_cObject); diff --git a/ext/openssl/ossl_config.h b/ext/openssl/ossl_config.h index 077e2f7400..627d297ba3 100644 --- a/ext/openssl/ossl_config.h +++ b/ext/openssl/ossl_config.h @@ -13,7 +13,6 @@ extern VALUE cConfig; extern VALUE eConfigError; -CONF* GetConfigPtr(VALUE obj); CONF* DupConfigPtr(VALUE obj); void Init_ossl_config(void); diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c index d137dc57eb..44d961833d 100644 --- a/ext/openssl/ossl_digest.c +++ b/ext/openssl/ossl_digest.c @@ -111,17 +111,16 @@ VALUE ossl_digest_update(VALUE, VALUE); * * Creates a Digest instance based on +string+, which is either the ln * (long name) or sn (short name) of a supported digest algorithm. + * * If +data+ (a +String+) is given, it is used as the initial input to the * Digest instance, i.e. + * * digest = OpenSSL::Digest.new('sha256', 'digestdata') + * * is equal to + * * digest = OpenSSL::Digest.new('sha256') * digest.update('digestdata') - * - * === Example - * digest = OpenSSL::Digest.new('sha1') - * - * */ static VALUE ossl_digest_initialize(int argc, VALUE *argv, VALUE self) @@ -203,7 +202,9 @@ ossl_digest_update(VALUE self, VALUE data) StringValue(data); GetDigest(self, ctx); - EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)); + + if (!EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data))) + ossl_raise(eDigestError, "EVP_DigestUpdate"); return self; } @@ -218,19 +219,21 @@ ossl_digest_finish(int argc, VALUE *argv, VALUE self) { EVP_MD_CTX *ctx; VALUE str; - - rb_scan_args(argc, argv, "01", &str); + int out_len; GetDigest(self, ctx); + rb_scan_args(argc, argv, "01", &str); + out_len = EVP_MD_CTX_size(ctx); if (NIL_P(str)) { - str = rb_str_new(NULL, EVP_MD_CTX_size(ctx)); + str = rb_str_new(NULL, out_len); } else { StringValue(str); - rb_str_resize(str, EVP_MD_CTX_size(ctx)); + rb_str_resize(str, out_len); } - EVP_DigestFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), NULL); + if (!EVP_DigestFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), NULL)) + ossl_raise(eDigestError, "EVP_DigestFinal_ex"); return str; } @@ -239,7 +242,7 @@ ossl_digest_finish(int argc, VALUE *argv, VALUE self) * call-seq: * digest.name -> string * - * Returns the sn of this Digest instance. + * Returns the sn of this Digest algorithm. * * === Example * digest = OpenSSL::Digest::SHA512.new @@ -310,7 +313,8 @@ Init_ossl_digest(void) rb_require("digest"); #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif /* Document-class: OpenSSL::Digest diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c index 3abc44b34e..f4863b36a4 100644 --- a/ext/openssl/ossl_engine.c +++ b/ext/openssl/ossl_engine.c @@ -161,8 +161,6 @@ ossl_engine_s_load(int argc, VALUE *argv, VALUE klass) * OpenSSL::Engine.load. However, running cleanup before exit is recommended. * * Note that this is needed and works only in OpenSSL < 1.1.0. - * - * See also, https://www.openssl.org/docs/crypto/engine.html */ static VALUE ossl_engine_s_cleanup(VALUE self) @@ -531,6 +529,11 @@ ossl_engine_inspect(VALUE self) void Init_ossl_engine(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif + cEngine = rb_define_class_under(mOSSL, "Engine", rb_cObject); eEngineError = rb_define_class_under(cEngine, "EngineError", eOSSLError); @@ -540,6 +543,7 @@ Init_ossl_engine(void) rb_define_singleton_method(cEngine, "engines", ossl_engine_s_engines, 0); rb_define_singleton_method(cEngine, "by_id", ossl_engine_s_by_id, 1); rb_undef_method(CLASS_OF(cEngine), "new"); + rb_undef_method(cEngine, "initialize_copy"); rb_define_method(cEngine, "id", ossl_engine_get_id, 0); rb_define_method(cEngine, "name", ossl_engine_get_name, 0); diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index bb4b57846e..270979ed92 100644 --- a/ext/openssl/ossl_hmac.c +++ b/ext/openssl/ossl_hmac.c @@ -162,7 +162,7 @@ ossl_hmac_update(VALUE self, VALUE data) } static void -hmac_final(HMAC_CTX *ctx, unsigned char **buf, unsigned int *buf_len) +hmac_final(HMAC_CTX *ctx, unsigned char *buf, unsigned int *buf_len) { HMAC_CTX *final; @@ -175,12 +175,7 @@ hmac_final(HMAC_CTX *ctx, unsigned char **buf, unsigned int *buf_len) ossl_raise(eHMACError, "HMAC_CTX_copy"); } - if (!(*buf = OPENSSL_malloc(HMAC_size(final)))) { - HMAC_CTX_free(final); - OSSL_Debug("Allocating %d mem", (int)HMAC_size(final)); - ossl_raise(eHMACError, "Cannot allocate memory for hmac"); - } - HMAC_Final(final, *buf, buf_len); + HMAC_Final(final, buf, buf_len); HMAC_CTX_free(final); } @@ -191,26 +186,25 @@ hmac_final(HMAC_CTX *ctx, unsigned char **buf, unsigned int *buf_len) * Returns the authentication code an instance represents as a binary string. * * === Example - * - * instance = OpenSSL::HMAC.new('key', OpenSSL::Digest.new('sha1')) - * #=> f42bb0eeb018ebbd4597ae7213711ec60760843f - * instance.digest - * #=> "\xF4+\xB0\xEE\xB0\x18\xEB\xBDE\x97\xAEr\x13q\x1E\xC6\a`\x84?" - * + * instance = OpenSSL::HMAC.new('key', OpenSSL::Digest.new('sha1')) + * #=> f42bb0eeb018ebbd4597ae7213711ec60760843f + * instance.digest + * #=> "\xF4+\xB0\xEE\xB0\x18\xEB\xBDE\x97\xAEr\x13q\x1E\xC6\a`\x84?" */ static VALUE ossl_hmac_digest(VALUE self) { HMAC_CTX *ctx; - unsigned char *buf; unsigned int buf_len; - VALUE digest; + VALUE ret; GetHMAC(self, ctx); - hmac_final(ctx, &buf, &buf_len); - digest = ossl_buf2str((char *)buf, buf_len); + ret = rb_str_new(NULL, EVP_MAX_MD_SIZE); + hmac_final(ctx, (unsigned char *)RSTRING_PTR(ret), &buf_len); + assert(buf_len <= EVP_MAX_MD_SIZE); + rb_str_set_len(ret, buf_len); - return digest; + return ret; } /* @@ -219,27 +213,21 @@ ossl_hmac_digest(VALUE self) * * Returns the authentication code an instance represents as a hex-encoded * string. - * */ static VALUE ossl_hmac_hexdigest(VALUE self) { HMAC_CTX *ctx; - unsigned char *buf; - char *hexbuf; + unsigned char buf[EVP_MAX_MD_SIZE]; unsigned int buf_len; - VALUE hexdigest; + VALUE ret; GetHMAC(self, ctx); - hmac_final(ctx, &buf, &buf_len); - if (string2hex(buf, buf_len, &hexbuf, NULL) != 2 * (int)buf_len) { - OPENSSL_free(buf); - ossl_raise(eHMACError, "Memory alloc error"); - } - OPENSSL_free(buf); - hexdigest = ossl_buf2str(hexbuf, 2 * buf_len); + hmac_final(ctx, buf, &buf_len); + ret = rb_str_new(NULL, buf_len * 2); + ossl_bin2hex(buf, RSTRING_PTR(ret), buf_len); - return hexdigest; + return ret; } /* @@ -323,22 +311,22 @@ ossl_hmac_s_digest(VALUE klass, VALUE digest, VALUE key, VALUE data) static VALUE ossl_hmac_s_hexdigest(VALUE klass, VALUE digest, VALUE key, VALUE data) { - unsigned char *buf; - char *hexbuf; + unsigned char buf[EVP_MAX_MD_SIZE]; unsigned int buf_len; - VALUE hexdigest; + VALUE ret; StringValue(key); StringValue(data); - buf = HMAC(GetDigestPtr(digest), RSTRING_PTR(key), RSTRING_LENINT(key), - (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data), NULL, &buf_len); - if (string2hex(buf, buf_len, &hexbuf, NULL) != 2 * (int)buf_len) { - ossl_raise(eHMACError, "Cannot convert buf to hexbuf"); - } - hexdigest = ossl_buf2str(hexbuf, 2 * buf_len); + if (!HMAC(GetDigestPtr(digest), RSTRING_PTR(key), RSTRING_LENINT(key), + (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data), + buf, &buf_len)) + ossl_raise(eHMACError, "HMAC"); + + ret = rb_str_new(NULL, buf_len * 2); + ossl_bin2hex(buf, RSTRING_PTR(ret), buf_len); - return hexdigest; + return ret; } /* @@ -348,10 +336,38 @@ void Init_ossl_hmac(void) { #if 0 - /* :nodoc: */ - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif + /* + * Document-class: OpenSSL::HMAC + * + * OpenSSL::HMAC allows computing Hash-based Message Authentication Code + * (HMAC). It is a type of message authentication code (MAC) involving a + * hash function in combination with a key. HMAC can be used to verify the + * integrity of a message as well as the authenticity. + * + * OpenSSL::HMAC has a similar interface to OpenSSL::Digest. + * + * === HMAC-SHA256 using one-shot interface + * + * key = "key" + * data = "message-to-be-authenticated" + * mac = OpenSSL::HMAC.hexdigest("SHA256", key, data) + * #=> "cddb0db23f469c8bf072b21fd837149bd6ace9ab771cceef14c9e517cc93282e" + * + * === HMAC-SHA256 using incremental interface + * + * data1 = File.read("file1") + * data2 = File.read("file2") + * key = "key" + * digest = OpenSSL::Digest::SHA256.new + * hmac = OpenSSL::HMAC.new(key, digest) + * hmac << data1 + * hmac << data2 + * mac = hmac.digest + */ eHMACError = rb_define_class_under(mOSSL, "HMACError", eOSSLError); cHMAC = rb_define_class_under(mOSSL, "HMAC", rb_cObject); diff --git a/ext/openssl/ossl_ns_spki.c b/ext/openssl/ossl_ns_spki.c index e93b1b0a80..2f7845b685 100644 --- a/ext/openssl/ossl_ns_spki.c +++ b/ext/openssl/ossl_ns_spki.c @@ -380,7 +380,8 @@ void Init_ossl_ns_spki(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif mNetscape = rb_define_module_under(mOSSL, "Netscape"); diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c index c0f2dfefb3..a8b3503d2a 100644 --- a/ext/openssl/ossl_ocsp.c +++ b/ext/openssl/ossl_ocsp.c @@ -321,12 +321,17 @@ static VALUE ossl_ocspreq_add_certid(VALUE self, VALUE certid) { OCSP_REQUEST *req; - OCSP_CERTID *id; + OCSP_CERTID *id, *id_new; GetOCSPReq(self, req); GetOCSPCertId(certid, id); - if(!OCSP_request_add0_id(req, OCSP_CERTID_dup(id))) - ossl_raise(eOCSPError, NULL); + + if (!(id_new = OCSP_CERTID_dup(id))) + ossl_raise(eOCSPError, "OCSP_CERTID_dup"); + if (!OCSP_request_add0_id(req, id_new)) { + OCSP_CERTID_free(id_new); + ossl_raise(eOCSPError, "OCSP_request_add0_id"); + } return self; } @@ -368,14 +373,16 @@ ossl_ocspreq_get_certid(VALUE self) * * Signs this OCSP request using +cert+, +key+ and optional +digest+. If * +digest+ is not specified, SHA-1 is used. +certs+ is an optional Array of - * additional certificates that will be included in the request. If +certs+ is - * not specified, flag OpenSSL::OCSP::NOCERTS is set. Pass an empty array to - * include only the signer certificate. + * additional certificates which are included in the request in addition to + * the signer certificate. Note that if +certs+ is nil or not given, flag + * OpenSSL::OCSP::NOCERTS is enabled. Pass an empty array to include only the + * signer certificate. * - * +flags+ can include: - * OpenSSL::OCSP::NOCERTS:: don't include certificates + * +flags+ can be a bitwise OR of the following constants: + * + * OpenSSL::OCSP::NOCERTS:: + * Don't include any certificates in the request. +certs+ will be ignored. */ - static VALUE ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) { @@ -399,7 +406,7 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) else md = GetDigestPtr(digest); if (NIL_P(certs)) - flags |= OCSP_NOCERTS; + flg |= OCSP_NOCERTS; else x509s = ossl_x509_ary2sk(certs); @@ -435,7 +442,7 @@ ossl_ocspreq_verify(int argc, VALUE *argv, VALUE self) x509s = ossl_x509_ary2sk(certs); result = OCSP_request_verify(req, x509s, x509st, flg); sk_X509_pop_free(x509s, X509_free); - if (!result) + if (result <= 0) ossl_clear_error(); return result > 0 ? Qtrue : Qfalse; @@ -856,13 +863,11 @@ ossl_ocspbres_add_status(VALUE self, VALUE cid, VALUE status, X509_EXTENSION *x509ext; for(i = 0; i < RARRAY_LEN(ext); i++){ - x509ext = DupX509ExtPtr(RARRAY_AREF(ext, i)); + x509ext = GetX509ExtPtr(RARRAY_AREF(ext, i)); if(!OCSP_SINGLERESP_add_ext(single, x509ext, -1)){ - X509_EXTENSION_free(x509ext); error = 1; goto err; } - X509_EXTENSION_free(x509ext); } } @@ -911,7 +916,7 @@ ossl_ocspbres_get_status(VALUE self) status = OCSP_single_get0_status(single, &reason, &revtime, &thisupd, &nextupd); if(status < 0) continue; - if(!(cid = OCSP_CERTID_dup(OCSP_SINGLERESP_get0_id(single)))) + if(!(cid = OCSP_CERTID_dup((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(single)))) /* FIXME */ ossl_raise(eOCSPError, NULL); ary = rb_ary_new(); rb_ary_push(ary, ossl_ocspcertid_new(cid)); @@ -1065,9 +1070,57 @@ ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self) x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : NUM2INT(flags); x509s = ossl_x509_ary2sk(certs); +#if (OPENSSL_VERSION_NUMBER < 0x1000202fL) || defined(LIBRESSL_VERSION_NUMBER) + /* + * OpenSSL had a bug that it doesn't use the certificates in x509s for + * verifying the chain. This can be a problem when the response is signed by + * a certificate issued by an intermediate CA. + * + * root_ca + * | + * intermediate_ca + * |-------------| + * end_entity ocsp_signer + * + * When the certificate hierarchy is like this, and the response contains + * only ocsp_signer certificate, the following code wrongly fails. + * + * store = OpenSSL::X509::Store.new; store.add_cert(root_ca) + * basic_response.verify([intermediate_ca], store) + * + * So add the certificates in x509s to the embedded certificates list first. + * + * This is fixed in OpenSSL 0.9.8zg, 1.0.0s, 1.0.1n, 1.0.2b. But it still + * exists in LibreSSL 2.1.10, 2.2.9, 2.3.6, 2.4.1. + */ + if (!(flg & (OCSP_NOCHAIN | OCSP_NOVERIFY)) && + sk_X509_num(x509s) && sk_X509_num(bs->certs)) { + int i; + + bs = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_BASICRESP), bs); + if (!bs) { + sk_X509_pop_free(x509s, X509_free); + ossl_raise(eOCSPError, "ASN1_item_dup"); + } + + for (i = 0; i < sk_X509_num(x509s); i++) { + if (!OCSP_basic_add1_cert(bs, sk_X509_value(x509s, i))) { + sk_X509_pop_free(x509s, X509_free); + OCSP_BASICRESP_free(bs); + ossl_raise(eOCSPError, "OCSP_basic_add1_cert"); + } + } + result = OCSP_basic_verify(bs, x509s, x509st, flg); + OCSP_BASICRESP_free(bs); + } + else { + result = OCSP_basic_verify(bs, x509s, x509st, flg); + } +#else result = OCSP_basic_verify(bs, x509s, x509st, flg); +#endif sk_X509_pop_free(x509s, X509_free); - if (!result) + if (result <= 0) ossl_clear_error(); return result > 0 ? Qtrue : Qfalse; @@ -1228,7 +1281,7 @@ ossl_ocspsres_get_certid(VALUE self) OCSP_CERTID *id; GetOCSPSingleRes(self, sres); - id = OCSP_CERTID_dup(OCSP_SINGLERESP_get0_id(sres)); + id = OCSP_CERTID_dup((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sres)); /* FIXME */ return ossl_ocspcertid_new(id); } @@ -1549,15 +1602,15 @@ ossl_ocspcid_get_issuer_name_hash(VALUE self) { OCSP_CERTID *id; ASN1_OCTET_STRING *name_hash; - char *hexbuf; + VALUE ret; GetOCSPCertId(self, id); OCSP_id_get0_info(&name_hash, NULL, NULL, NULL, id); - if (string2hex(name_hash->data, name_hash->length, &hexbuf, NULL) < 0) - ossl_raise(eOCSPError, "string2hex"); + ret = rb_str_new(NULL, name_hash->length * 2); + ossl_bin2hex(name_hash->data, RSTRING_PTR(ret), name_hash->length); - return ossl_buf2str(hexbuf, name_hash->length * 2); + return ret; } /* @@ -1572,15 +1625,15 @@ ossl_ocspcid_get_issuer_key_hash(VALUE self) { OCSP_CERTID *id; ASN1_OCTET_STRING *key_hash; - char *hexbuf; + VALUE ret; GetOCSPCertId(self, id); OCSP_id_get0_info(NULL, NULL, &key_hash, NULL, id); - if (string2hex(key_hash->data, key_hash->length, &hexbuf, NULL) < 0) - ossl_raise(eOCSPError, "string2hex"); + ret = rb_str_new(NULL, key_hash->length * 2); + ossl_bin2hex(key_hash->data, RSTRING_PTR(ret), key_hash->length); - return ossl_buf2str(hexbuf, key_hash->length * 2); + return ret; } /* @@ -1639,6 +1692,11 @@ ossl_ocspcid_to_der(VALUE self) void Init_ossl_ocsp(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif + /* * OpenSSL::OCSP implements Online Certificate Status Protocol requests * and responses. diff --git a/ext/openssl/ossl_pkcs12.c b/ext/openssl/ossl_pkcs12.c index 5f849723a6..a7daad208e 100644 --- a/ext/openssl/ossl_pkcs12.c +++ b/ext/openssl/ossl_pkcs12.c @@ -65,6 +65,25 @@ ossl_pkcs12_s_allocate(VALUE klass) return obj; } +static VALUE +ossl_pkcs12_initialize_copy(VALUE self, VALUE other) +{ + PKCS12 *p12, *p12_old, *p12_new; + + rb_check_frozen(self); + GetPKCS12(self, p12_old); + SafeGetPKCS12(other, p12); + + p12_new = ASN1_dup((i2d_of_void *)i2d_PKCS12, (d2i_of_void *)d2i_PKCS12, (char *)p12); + if (!p12_new) + ossl_raise(ePKCS12Error, "ASN1_dup"); + + SetPKCS12(self, p12_new); + PKCS12_free(p12_old); + + return self; +} + /* * call-seq: * PKCS12.create(pass, name, key, cert [, ca, [, key_pbe [, cert_pbe [, key_iter [, mac_iter [, keytype]]]]]]) @@ -74,8 +93,8 @@ ossl_pkcs12_s_allocate(VALUE klass) * * +name+ - A string describing the key. * * +key+ - Any PKey. * * +cert+ - A X509::Certificate. - * * * The public_key portion of the certificate must contain a valid public key. - * * * The not_before and not_after fields must be filled in. + * * The public_key portion of the certificate must contain a valid public key. + * * The not_before and not_after fields must be filled in. * * +ca+ - An optional array of X509::Certificate's. * * +key_pbe+ - string * * +cert_pbe+ - string @@ -104,7 +123,6 @@ ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self) friendlyname = NIL_P(name) ? NULL : StringValueCStr(name); key = GetPKeyPtr(pkey); x509 = GetX509CertPtr(cert); - x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca); /* TODO: make a VALUE to nid function */ if (!NIL_P(key_nid)) { if ((nkey = OBJ_txt2nid(StringValueCStr(key_nid))) == NID_undef) @@ -122,6 +140,7 @@ ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self) ktype = NUM2INT(keytype); obj = NewPKCS12(cPKCS12); + x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca); p12 = PKCS12_create(passphrase, friendlyname, key, x509, x509s, nkey, ncert, kiter, miter, ktype); sk_X509_pop_free(x509s, X509_free); @@ -171,14 +190,14 @@ ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self) if(!PKCS12_parse(pkcs, passphrase, &key, &x509, &x509s)) ossl_raise(ePKCS12Error, "PKCS12_parse"); ERR_pop_to_mark(); - pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key, + pkey = rb_protect((VALUE (*)(VALUE))ossl_pkey_new, (VALUE)key, &st); /* NO DUP */ if(st) goto err; - cert = rb_protect((VALUE(*)_((VALUE)))ossl_x509_new, (VALUE)x509, &st); + cert = rb_protect((VALUE (*)(VALUE))ossl_x509_new, (VALUE)x509, &st); if(st) goto err; if(x509s){ ca = - rb_protect((VALUE(*)_((VALUE)))ossl_x509_sk2ary, (VALUE)x509s, &st); + rb_protect((VALUE (*)(VALUE))ossl_x509_sk2ary, (VALUE)x509s, &st); if(st) goto err; } @@ -216,6 +235,11 @@ ossl_pkcs12_to_der(VALUE self) void Init_ossl_pkcs12(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif + /* * Defines a file format commonly used to store private keys with * accompanying public key certificates, protected with a password-based @@ -226,6 +250,7 @@ Init_ossl_pkcs12(void) rb_define_singleton_method(cPKCS12, "create", ossl_pkcs12_s_create, -1); rb_define_alloc_func(cPKCS12, ossl_pkcs12_s_allocate); + rb_define_copy_func(cPKCS12, ossl_pkcs12_initialize_copy); rb_attr(cPKCS12, rb_intern("key"), 1, 0, Qfalse); rb_attr(cPKCS12, rb_intern("certificate"), 1, 0, Qfalse); rb_attr(cPKCS12, rb_intern("ca_certs"), 1, 0, Qfalse); diff --git a/ext/openssl/ossl_pkcs5.c b/ext/openssl/ossl_pkcs5.c index 56ed65fb9d..47c5bfa3b8 100644 --- a/ext/openssl/ossl_pkcs5.c +++ b/ext/openssl/ossl_pkcs5.c @@ -18,7 +18,7 @@ VALUE ePKCS5; * * +keylen+ - integer * * +digest+ - a string or OpenSSL::Digest object. * - * Available in OpenSSL 0.9.4. + * Available in OpenSSL >= 1.0.0. * * Digests other than SHA1 may not be supported by other cryptography libraries. */ @@ -60,7 +60,7 @@ ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE key * * This method is available in almost any version of OpenSSL. * - * Conforms to rfc2898. + * Conforms to RFC 2898. */ static VALUE ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen) @@ -84,14 +84,10 @@ ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALU void Init_ossl_pkcs5(void) { - /* - * Password-based Encryption - * - */ - - #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ - #endif +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif /* Document-class: OpenSSL::PKCS5 * @@ -104,7 +100,7 @@ Init_ossl_pkcs5(void) * * PKCS5 offers support for PBKDF2 with an OpenSSL::Digest::SHA1-based * HMAC, or an arbitrary Digest if the underlying version of OpenSSL - * already supports it (>= 0.9.4). + * already supports it (>= 1.0.0). * * === Parameters * ==== Password diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 5b7c07de2c..fd58b48be8 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -772,7 +772,9 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) VALUE data; const char *msg; + GetPKCS7(self, p7); rb_scan_args(argc, argv, "22", &certs, &store, &indata, &flags); + x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : NUM2INT(flags); if(NIL_P(indata)) indata = ossl_pkcs7_get_data(self); in = NIL_P(indata) ? NULL : ossl_obj2bio(indata); @@ -784,8 +786,6 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) rb_jump_tag(status); } } - x509st = GetX509StorePtr(store); - GetPKCS7(self, p7); if(!(out = BIO_new(BIO_s_mem()))){ BIO_free(in); sk_X509_pop_free(x509s, X509_free); @@ -793,13 +793,13 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) } ok = PKCS7_verify(p7, x509s, x509st, in, out, flg); BIO_free(in); - if (ok < 0) ossl_raise(ePKCS7Error, NULL); + sk_X509_pop_free(x509s, X509_free); + if (ok < 0) ossl_raise(ePKCS7Error, "PKCS7_verify"); msg = ERR_reason_error_string(ERR_get_error()); ossl_pkcs7_set_err_string(self, msg ? rb_str_new2(msg) : Qnil); ossl_clear_error(); data = ossl_membio2str(out); ossl_pkcs7_set_data(self, data); - sk_X509_pop_free(x509s, X509_free); return (ok == 1) ? Qtrue : Qfalse; } @@ -839,12 +839,12 @@ ossl_pkcs7_add_data(VALUE self, VALUE data) char buf[4096]; int len; - in = ossl_obj2bio(data); GetPKCS7(self, pkcs7); if(PKCS7_type_is_signed(pkcs7)){ if(!PKCS7_content_new(pkcs7, NID_pkcs7_data)) ossl_raise(ePKCS7Error, NULL); } + in = ossl_obj2bio(data); if(!(out = PKCS7_dataInit(pkcs7, NULL))) goto err; for(;;){ if((len = BIO_read(in, buf, sizeof(buf))) <= 0) @@ -856,7 +856,7 @@ ossl_pkcs7_add_data(VALUE self, VALUE data) ossl_pkcs7_set_data(self, Qnil); err: - BIO_free(out); + BIO_free_all(out); BIO_free(in); if(ERR_peek_error()){ ossl_raise(ePKCS7Error, NULL); @@ -1054,6 +1054,11 @@ ossl_pkcs7ri_get_enc_key(VALUE self) void Init_ossl_pkcs7(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); +#endif + cPKCS7 = rb_define_class_under(mOSSL, "PKCS7", rb_cObject); ePKCS7Error = rb_define_class_under(cPKCS7, "PKCS7Error", eOSSLError); rb_define_singleton_method(cPKCS7, "read_smime", ossl_pkcs7_s_read_smime, 1); diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 4ae8e14e3e..3c7c5e1781 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -15,7 +15,7 @@ VALUE mPKey; VALUE cPKey; VALUE ePKeyError; -ID id_private_q; +static ID id_private_q; /* * callback for generating keys @@ -123,16 +123,19 @@ ossl_pkey_new_from_file(VALUE filename) /* * call-seq: - * OpenSSL::PKey.read(string [, pwd ] ) -> PKey - * OpenSSL::PKey.read(file [, pwd ]) -> PKey + * OpenSSL::PKey.read(string [, pwd ]) -> PKey + * OpenSSL::PKey.read(io [, pwd ]) -> PKey + * + * Reads a DER or PEM encoded string from +string+ or +io+ and returns an + * instance of the appropriate PKey class. * * === Parameters * * +string+ is a DER- or PEM-encoded string containing an arbitrary private - * or public key. - * * +file+ is an instance of +File+ containing a DER- or PEM-encoded - * arbitrary private or public key. + * or public key. + * * +io+ is an instance of +IO+ containing a DER- or PEM-encoded + * arbitrary private or public key. * * +pwd+ is an optional password in case +string+ or +file+ is an encrypted - * PEM resource. + * PEM resource. */ static VALUE ossl_pkey_new_from_data(int argc, VALUE *argv, VALUE self) @@ -158,7 +161,8 @@ ossl_pkey_new_from_data(int argc, VALUE *argv, VALUE self) BIO_free(bio); if (!pkey) - ossl_raise(rb_eArgError, "Could not parse PKey"); + ossl_raise(ePKeyError, "Could not parse PKey"); + return ossl_pkey_new(pkey); } @@ -196,20 +200,6 @@ DupPKeyPtr(VALUE obj) return pkey; } -EVP_PKEY * -DupPrivPKeyPtr(VALUE obj) -{ - EVP_PKEY *pkey; - - if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) { - ossl_raise(rb_eArgError, "Private key is needed."); - } - SafeGetPKey(obj, pkey); - EVP_PKEY_up_ref(pkey); - - return pkey; -} - /* * Private */ @@ -271,9 +261,7 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data) VALUE str; int result; - if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue) - ossl_raise(rb_eArgError, "Private key is needed."); - GetPKey(self, pkey); + pkey = GetPrivPKeyPtr(self); md = GetDigestPtr(digest); StringValue(data); str = rb_str_new(0, EVP_PKEY_size(pkey)+16); @@ -336,6 +324,7 @@ ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data) EVP_MD_CTX_free(ctx); switch (result) { case 0: + ossl_clear_error(); return Qfalse; case 1: return Qtrue; @@ -352,7 +341,8 @@ void Init_ossl_pkey(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif /* Document-module: OpenSSL::PKey diff --git a/ext/openssl/ossl_pkey.h b/ext/openssl/ossl_pkey.h index 1f68352cdc..218f2ebbae 100644 --- a/ext/openssl/ossl_pkey.h +++ b/ext/openssl/ossl_pkey.h @@ -13,7 +13,6 @@ extern VALUE mPKey; extern VALUE cPKey; extern VALUE ePKeyError; -extern ID id_private_q; extern const rb_data_type_t ossl_evp_pkey_type; #define OSSL_PKEY_SET_PRIVATE(obj) rb_iv_set((obj), "private", Qtrue) @@ -53,7 +52,6 @@ VALUE ossl_pkey_new_from_file(VALUE); EVP_PKEY *GetPKeyPtr(VALUE); EVP_PKEY *DupPKeyPtr(VALUE); EVP_PKEY *GetPrivPKeyPtr(VALUE); -EVP_PKEY *DupPrivPKeyPtr(VALUE); void Init_ossl_pkey(void); /* diff --git a/ext/openssl/ossl_pkey_dh.c b/ext/openssl/ossl_pkey_dh.c index 139af15230..938efe1abc 100644 --- a/ext/openssl/ossl_pkey_dh.c +++ b/ext/openssl/ossl_pkey_dh.c @@ -175,8 +175,10 @@ ossl_dh_s_generate(int argc, VALUE *argv, VALUE klass) } /* - * call-seq: - * DH.new([size [, generator] | string]) -> dh + * call-seq: + * DH.new -> dh + * DH.new(string) -> dh + * DH.new(size [, generator]) -> dh * * Either generates a DH instance from scratch or by reading already existing * DH parameters from +string+. Note that when reading a DH instance from @@ -210,11 +212,11 @@ ossl_dh_initialize(int argc, VALUE *argv, VALUE self) if(rb_scan_args(argc, argv, "02", &arg, &gen) == 0) { dh = DH_new(); } - else if (FIXNUM_P(arg)) { + else if (RB_INTEGER_TYPE_P(arg)) { if (!NIL_P(gen)) { g = NUM2INT(gen); } - if (!(dh = dh_generate(FIX2INT(arg), g))) { + if (!(dh = dh_generate(NUM2INT(arg), g))) { ossl_raise(eDHError, NULL); } } @@ -525,7 +527,7 @@ ossl_dh_generate_key(VALUE self) * * === Parameters * * +pub_bn+ is a OpenSSL::BN, *not* the DH instance returned by - * DH#public_key as that contains the DH parameters only. + * DH#public_key as that contains the DH parameters only. */ static VALUE ossl_dh_compute_key(VALUE self, VALUE pub) @@ -550,7 +552,21 @@ ossl_dh_compute_key(VALUE self, VALUE pub) return str; } +/* + * Document-method: OpenSSL::PKey::DH#set_pqg + * call-seq: + * dh.set_pqg(p, q, g) -> self + * + * Sets +p+, +q+, +g+ for the DH instance. + */ OSSL_PKEY_BN_DEF3(dh, DH, pqg, p, q, g) +/* + * Document-method: OpenSSL::PKey::DH#set_key + * call-seq: + * dh.set_key(pub_key, priv_key) -> self + * + * Sets +pub_key+ and +priv_key+ for the DH instance. +priv_key+ may be nil. + */ OSSL_PKEY_BN_DEF2(dh, DH, key, pub_key, priv_key) /* @@ -560,8 +576,9 @@ void Init_ossl_dh(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */ mPKey = rb_define_module_under(mOSSL, "PKey"); + cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject); + ePKeyError = rb_define_class_under(mPKey, "PKeyError", eOSSLError); #endif /* Document-class: OpenSSL::PKey::DHError @@ -578,15 +595,15 @@ Init_ossl_dh(void) * on. * * === Accessor methods for the Diffie-Hellman parameters - * * DH#p - * The prime (an OpenSSL::BN) of the Diffie-Hellman parameters. - * * DH#g - * The generator (an OpenSSL::BN) g of the Diffie-Hellman parameters. - * * DH#pub_key - * The per-session public key (an OpenSSL::BN) matching the private key. - * This needs to be passed to DH#compute_key. - * * DH#priv_key - * The per-session private key, an OpenSSL::BN. + * DH#p:: + * The prime (an OpenSSL::BN) of the Diffie-Hellman parameters. + * DH#g:: + * The generator (an OpenSSL::BN) g of the Diffie-Hellman parameters. + * DH#pub_key:: + * The per-session public key (an OpenSSL::BN) matching the private key. + * This needs to be passed to DH#compute_key. + * DH#priv_key:: + * The per-session private key, an OpenSSL::BN. * * === Example of a key exchange * dh1 = OpenSSL::PKey::DH.new(2048) diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c index 1ddc0d48f1..3821cd813c 100644 --- a/ext/openssl/ossl_pkey_dsa.c +++ b/ext/openssl/ossl_pkey_dsa.c @@ -95,8 +95,6 @@ ossl_dsa_new(EVP_PKEY *pkey) struct dsa_blocking_gen_arg { DSA *dsa; int size; - unsigned char* seed; - int seed_len; int *counter; unsigned long *h; BN_GENCB *cb; @@ -107,7 +105,8 @@ static void * dsa_blocking_gen(void *arg) { struct dsa_blocking_gen_arg *gen = (struct dsa_blocking_gen_arg *)arg; - gen->result = DSA_generate_parameters_ex(gen->dsa, gen->size, gen->seed, gen->seed_len, gen->counter, gen->h, gen->cb); + gen->result = DSA_generate_parameters_ex(gen->dsa, gen->size, NULL, 0, + gen->counter, gen->h, gen->cb); return 0; } @@ -118,13 +117,9 @@ dsa_generate(int size) struct dsa_blocking_gen_arg gen_arg; DSA *dsa = DSA_new(); BN_GENCB *cb = BN_GENCB_new(); - unsigned char seed[20]; - int seed_len = 20, counter; + int counter; unsigned long h; - if (RAND_bytes(seed, seed_len) <= 0) - return NULL; - if (!dsa || !cb) { DSA_free(dsa); BN_GENCB_free(cb); @@ -136,8 +131,6 @@ dsa_generate(int size) BN_GENCB_set(cb, ossl_generate_cb_2, &cb_arg); gen_arg.dsa = dsa; gen_arg.size = size; - gen_arg.seed = seed; - gen_arg.seed_len = seed_len; gen_arg.counter = &counter; gen_arg.h = &h; gen_arg.cb = cb; @@ -198,7 +191,9 @@ ossl_dsa_s_generate(VALUE klass, VALUE size) /* * call-seq: - * DSA.new([size | string [, pass]) -> dsa + * DSA.new -> dsa + * DSA.new(size) -> dsa + * DSA.new(string [, pass]) -> dsa * * Creates a new DSA instance by reading an existing key from +string+. * @@ -226,8 +221,8 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self) if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) { dsa = DSA_new(); } - else if (FIXNUM_P(arg)) { - if (!(dsa = dsa_generate(FIX2INT(arg)))) { + else if (RB_INTEGER_TYPE_P(arg)) { + if (!(dsa = dsa_generate(NUM2INT(arg)))) { ossl_raise(eDSAError, NULL); } } @@ -387,14 +382,14 @@ static VALUE ossl_dsa_to_der(VALUE self) { DSA *dsa; - int (*i2d_func)_((DSA*, unsigned char**)); + int (*i2d_func)(DSA *, unsigned char **); unsigned char *p; long len; VALUE str; GetDSA(self, dsa); if(DSA_HAS_PRIVATE(dsa)) - i2d_func = (int(*)_((DSA*,unsigned char**)))i2d_DSAPrivateKey; + i2d_func = (int (*)(DSA *,unsigned char **))i2d_DSAPrivateKey; else i2d_func = i2d_DSA_PUBKEY; if((len = i2d_func(dsa, NULL)) <= 0) @@ -592,7 +587,21 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig) return Qfalse; } +/* + * Document-method: OpenSSL::PKey::DSA#set_pqg + * call-seq: + * dsa.set_pqg(p, q, g) -> self + * + * Sets +p+, +q+, +g+ for the DSA instance. + */ OSSL_PKEY_BN_DEF3(dsa, DSA, pqg, p, q, g) +/* + * Document-method: OpenSSL::PKey::DSA#set_key + * call-seq: + * dsa.set_key(pub_key, priv_key) -> self + * + * Sets +pub_key+ and +priv_key+ for the DSA instance. +priv_key+ may be nil. + */ OSSL_PKEY_BN_DEF2(dsa, DSA, key, pub_key, priv_key) /* @@ -602,8 +611,9 @@ void Init_ossl_dsa(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */ mPKey = rb_define_module_under(mOSSL, "PKey"); + cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject); + ePKeyError = rb_define_class_under(mPKey, "PKeyError", eOSSLError); #endif /* Document-class: OpenSSL::PKey::DSAError diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c index 43eebd26e8..1b7705fd22 100644 --- a/ext/openssl/ossl_pkey_ec.c +++ b/ext/openssl/ossl_pkey_ec.c @@ -108,6 +108,8 @@ static ID ID_uncompressed; static ID ID_compressed; static ID ID_hybrid; +static ID id_i_group, id_i_key; + static VALUE ec_instance(VALUE klass, EC_KEY *ec) { EVP_PKEY *pkey; @@ -213,17 +215,16 @@ ossl_ec_key_s_generate(VALUE klass, VALUE arg) return obj; } -/* call-seq: - * OpenSSL::PKey::EC.new() - * OpenSSL::PKey::EC.new(ec_key) - * OpenSSL::PKey::EC.new(ec_group) - * OpenSSL::PKey::EC.new("secp112r1") - * OpenSSL::PKey::EC.new(pem_string) - * OpenSSL::PKey::EC.new(pem_string [, pwd]) - * OpenSSL::PKey::EC.new(der_string) +/* + * call-seq: + * OpenSSL::PKey::EC.new + * OpenSSL::PKey::EC.new(ec_key) + * OpenSSL::PKey::EC.new(ec_group) + * OpenSSL::PKey::EC.new("secp112r1") + * OpenSSL::PKey::EC.new(pem_string [, pwd]) + * OpenSSL::PKey::EC.new(der_string) * - * See the OpenSSL documentation for: - * EC_KEY_* + * Creates a new EC object from given arguments. */ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self) { @@ -280,7 +281,7 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self) ossl_raise(eECError, "EVP_PKEY_assign_EC_KEY"); } - rb_iv_set(self, "@group", Qnil); + rb_ivar_set(self, id_i_group, Qnil); return self; } @@ -303,7 +304,7 @@ ossl_ec_key_initialize_copy(VALUE self, VALUE other) EC_KEY_free(ec_new); ossl_raise(eECError, "EVP_PKEY_assign_EC_KEY"); } - rb_iv_set(self, "@group", Qnil); /* EC_KEY_dup() also copies the EC_GROUP */ + rb_ivar_set(self, id_i_group, Qnil); /* EC_KEY_dup() also copies the EC_GROUP */ return self; } @@ -324,7 +325,7 @@ static VALUE ossl_ec_key_get_group(VALUE self) Require_EC_KEY(self, ec); - group_v = rb_iv_get(self, "@group"); + group_v = rb_attr_get(self, id_i_group); if (!NIL_P(group_v)) return group_v; @@ -333,8 +334,8 @@ static VALUE ossl_ec_key_get_group(VALUE self) SafeGet_ec_group(group_v, ec_group); ec_group->group = group; ec_group->dont_free = 1; - rb_iv_set(group_v, "@key", self); - rb_iv_set(self, "@group", group_v); + rb_ivar_set(group_v, id_i_key, self); + rb_ivar_set(self, id_i_group, group_v); return group_v; } @@ -366,17 +367,17 @@ static VALUE ossl_ec_key_set_group(VALUE self, VALUE group_v) Require_EC_KEY(self, ec); SafeRequire_EC_GROUP(group_v, group); - old_group_v = rb_iv_get(self, "@group"); + old_group_v = rb_attr_get(self, id_i_group); if (!NIL_P(old_group_v)) { ossl_ec_group *old_ec_group; SafeGet_ec_group(old_group_v, old_ec_group); old_ec_group->group = NULL; old_ec_group->dont_free = 0; - rb_iv_set(old_group_v, "@key", Qnil); + rb_ivar_set(old_group_v, id_i_key, Qnil); } - rb_iv_set(self, "@group", Qnil); + rb_ivar_set(self, id_i_group, Qnil); if (EC_KEY_set_group(ec, group) != 1) ossl_raise(eECError, "EC_KEY_set_group"); @@ -446,7 +447,7 @@ static VALUE ossl_ec_point_dup(const EC_POINT *point, VALUE group_v) new_point->point = EC_POINT_dup(point, group); if (new_point->point == NULL) ossl_raise(eEC_POINT, "EC_POINT_dup"); - rb_iv_set(obj, "@group", group_v); + rb_ivar_set(obj, id_i_group, group_v); return obj; } @@ -542,6 +543,7 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma int i = -1; int private = 0; VALUE str; + const EVP_CIPHER *cipher = NULL; Require_EC_KEY(self, ec); @@ -554,17 +556,17 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma if (EC_KEY_get0_private_key(ec)) private = 1; + if (!NIL_P(ciph)) { + cipher = GetCipherPtr(ciph); + pass = ossl_pem_passwd_value(pass); + } + if (!(out = BIO_new(BIO_s_mem()))) ossl_raise(eECError, "BIO_new(BIO_s_mem())"); switch(format) { case EXPORT_PEM: if (private) { - const EVP_CIPHER *cipher = NULL; - if (!NIL_P(ciph)) { - cipher = GetCipherPtr(ciph); - pass = ossl_pem_passwd_value(pass); - } i = PEM_write_bio_ECPrivateKey(out, ec, cipher, NULL, 0, ossl_pem_passwd_cb, (void *)pass); } else { i = PEM_write_bio_EC_PUBKEY(out, ec); @@ -599,12 +601,10 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma * key.export([cipher, pass_phrase]) => String * key.to_pem([cipher, pass_phrase]) => String * - * Outputs the EC key in PEM encoding. If +cipher+ and +pass_phrase+ are - * given they will be used to encrypt the key. +cipher+ must be an - * OpenSSL::Cipher::Cipher instance. Note that encryption will only be - * effective for a private key, public keys will always be encoded in plain - * text. - * + * Outputs the EC key in PEM encoding. If +cipher+ and +pass_phrase+ are given + * they will be used to encrypt the key. +cipher+ must be an OpenSSL::Cipher + * instance. Note that encryption will only be effective for a private key, + * public keys will always be encoded in plain text. */ static VALUE ossl_ec_key_export(int argc, VALUE *argv, VALUE self) { @@ -804,21 +804,26 @@ static VALUE ossl_ec_group_alloc(VALUE klass) return obj; } -/* call-seq: - * OpenSSL::PKey::EC::Group.new("secp112r1") - * OpenSSL::PKey::EC::Group.new(ec_group) - * OpenSSL::PKey::EC::Group.new(pem_string) - * OpenSSL::PKey::EC::Group.new(der_string) - * OpenSSL::PKey::EC::Group.new(pem_file) - * OpenSSL::PKey::EC::Group.new(der_file) - * OpenSSL::PKey::EC::Group.new(:GFp_simple) - * OpenSSL::PKey::EC::Group.new(:GFp_mult) - * OpenSSL::PKey::EC::Group.new(:GFp_nist) - * OpenSSL::PKey::EC::Group.new(:GF2m_simple) - * OpenSSL::PKey::EC::Group.new(:GFp, bignum_p, bignum_a, bignum_b) - * OpenSSL::PKey::EC::Group.new(:GF2m, bignum_p, bignum_a, bignum_b) +/* + * call-seq: + * OpenSSL::PKey::EC::Group.new(ec_group) + * OpenSSL::PKey::EC::Group.new(pem_or_der_encoded) + * OpenSSL::PKey::EC::Group.new(ec_method) + * OpenSSL::PKey::EC::Group.new(:GFp, bignum_p, bignum_a, bignum_b) + * OpenSSL::PKey::EC::Group.new(:GF2m, bignum_p, bignum_a, bignum_b) + * + * Creates a new EC::Group object. * - * See the OpenSSL documentation for EC_GROUP_* + * +ec_method+ is a symbol that represents an EC_METHOD. Currently the following + * are supported: + * + * * :GFp_simple + * * :GFp_mont + * * :GFp_nist + * * :GF2m_simple + * + * If the first argument is :GFp or :GF2m, creates a new curve with given + * parameters. */ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self) { @@ -941,15 +946,18 @@ ossl_ec_group_initialize_copy(VALUE self, VALUE other) if (!ec_group->group) ossl_raise(eEC_GROUP, "EC_GROUP_dup"); - rb_iv_set(self, "@key", Qnil); + rb_ivar_set(self, id_i_key, Qnil); return self; } -/* call-seq: - * group1.eql?(group2) => true | false - * group1 == group2 => true | false +/* + * call-seq: + * group1.eql?(group2) => true | false + * group1 == group2 => true | false * + * Returns true if the two groups use the same curve and have the same + * parameters, false otherwise. */ static VALUE ossl_ec_group_eql(VALUE a, VALUE b) { @@ -964,10 +972,13 @@ static VALUE ossl_ec_group_eql(VALUE a, VALUE b) return Qtrue; } -/* call-seq: - * group.generator => ec_point +/* + * call-seq: + * group.generator => ec_point * - * See the OpenSSL documentation for EC_GROUP_get0_generator() + * Returns the generator of the group. + * + * See the OpenSSL documentation for EC_GROUP_get0_generator() */ static VALUE ossl_ec_group_get_generator(VALUE self) { @@ -981,10 +992,14 @@ static VALUE ossl_ec_group_get_generator(VALUE self) return point_obj; } -/* call-seq: - * group.set_generator(generator, order, cofactor) => self +/* + * call-seq: + * group.set_generator(generator, order, cofactor) => self * - * See the OpenSSL documentation for EC_GROUP_set_generator() + * Sets the curve parameters. +generator+ must be an instance of EC::Point that + * is on the curve. +order+ and +cofactor+ are integers. + * + * See the OpenSSL documentation for EC_GROUP_set_generator() */ static VALUE ossl_ec_group_set_generator(VALUE self, VALUE generator, VALUE order, VALUE cofactor) { @@ -1003,10 +1018,13 @@ static VALUE ossl_ec_group_set_generator(VALUE self, VALUE generator, VALUE orde return self; } -/* call-seq: - * group.get_order => order_bn +/* + * call-seq: + * group.get_order => order_bn + * + * Returns the order of the group. * - * See the OpenSSL documentation for EC_GROUP_get_order() + * See the OpenSSL documentation for EC_GROUP_get_order() */ static VALUE ossl_ec_group_get_order(VALUE self) { @@ -1025,10 +1043,13 @@ static VALUE ossl_ec_group_get_order(VALUE self) return bn_obj; } -/* call-seq: - * group.get_cofactor => cofactor_bn +/* + * call-seq: + * group.get_cofactor => cofactor_bn + * + * Returns the cofactor of the group. * - * See the OpenSSL documentation for EC_GROUP_get_cofactor() + * See the OpenSSL documentation for EC_GROUP_get_cofactor() */ static VALUE ossl_ec_group_get_cofactor(VALUE self) { @@ -1047,10 +1068,13 @@ static VALUE ossl_ec_group_get_cofactor(VALUE self) return bn_obj; } -/* call-seq: - * group.curve_name => String +/* + * call-seq: + * group.curve_name => String + * + * Returns the curve name (sn). * - * See the OpenSSL documentation for EC_GROUP_get_curve_name() + * See the OpenSSL documentation for EC_GROUP_get_curve_name() */ static VALUE ossl_ec_group_get_curve_name(VALUE self) { @@ -1067,10 +1091,14 @@ static VALUE ossl_ec_group_get_curve_name(VALUE self) return rb_str_new2(OBJ_nid2sn(nid)); } -/* call-seq: - * EC.builtin_curves => [[name, comment], ...] +/* + * call-seq: + * EC.builtin_curves => [[sn, comment], ...] + * + * Obtains a list of all predefined curves by the OpenSSL. Curve names are + * returned as sn. * - * See the OpenSSL documentation for EC_builtin_curves() + * See the OpenSSL documentation for EC_get_builtin_curves(). */ static VALUE ossl_s_builtin_curves(VALUE self) { @@ -1100,10 +1128,13 @@ static VALUE ossl_s_builtin_curves(VALUE self) return ret; } -/* call-seq: - * group.asn1_flag => Fixnum +/* + * call-seq: + * group.asn1_flag -> Integer + * + * Returns the flags set on the group. * - * See the OpenSSL documentation for EC_GROUP_get_asn1_flag() + * See also #asn1_flag=. */ static VALUE ossl_ec_group_get_asn1_flag(VALUE self) { @@ -1114,13 +1145,22 @@ static VALUE ossl_ec_group_get_asn1_flag(VALUE self) flag = EC_GROUP_get_asn1_flag(group); - return INT2FIX(flag); + return INT2NUM(flag); } -/* call-seq: - * group.asn1_flag = Fixnum => Fixnum +/* + * call-seq: + * group.asn1_flag = flags + * + * Sets flags on the group. The flag value is used to determine how to encode + * the group: encode explicit parameters or named curve using an OID. + * + * The flag value can be either of: + * + * * EC::NAMED_CURVE + * * EC::EXPLICIT_CURVE * - * See the OpenSSL documentation for EC_GROUP_set_asn1_flag() + * See the OpenSSL documentation for EC_GROUP_set_asn1_flag(). */ static VALUE ossl_ec_group_set_asn1_flag(VALUE self, VALUE flag_v) { @@ -1133,10 +1173,13 @@ static VALUE ossl_ec_group_set_asn1_flag(VALUE self, VALUE flag_v) return flag_v; } -/* call-seq: - * group.point_conversion_form => :uncompressed | :compressed | :hybrid +/* + * call-seq: + * group.point_conversion_form -> Symbol + * + * Returns the form how EC::Point data is encoded as ASN.1. * - * See the OpenSSL documentation for EC_GROUP_get_point_conversion_form() + * See also #point_conversion_form=. */ static VALUE ossl_ec_group_get_point_conversion_form(VALUE self) { @@ -1158,10 +1201,24 @@ static VALUE ossl_ec_group_get_point_conversion_form(VALUE self) return ID2SYM(ret); } -/* call-seq: - * group.point_conversion_form = form => form +/* + * call-seq: + * group.point_conversion_form = form * - * See the OpenSSL documentation for EC_GROUP_set_point_conversion_form() + * Sets the form how EC::Point data is encoded as ASN.1 as defined in X9.62. + * + * +format+ can be one of these: + * + * :compressed:: + * Encoded as z||x, where z is an octet indicating which solution of the + * equation y is. z will be 0x02 or 0x03. + * :uncompressed:: + * Encoded as z||x||y, where z is an octet 0x04. + * :hybrid:: + * Encodes as z||x||y, where z is an octet indicating which solution of the + * equation y is. z will be 0x06 or 0x07. + * + * See the OpenSSL documentation for EC_GROUP_set_point_conversion_form() */ static VALUE ossl_ec_group_set_point_conversion_form(VALUE self, VALUE form_v) { @@ -1186,10 +1243,11 @@ static VALUE ossl_ec_group_set_point_conversion_form(VALUE self, VALUE form_v) return form_v; } -/* call-seq: - * group.seed => String or nil +/* + * call-seq: + * group.seed => String or nil * - * See the OpenSSL documentation for EC_GROUP_get0_seed() + * See the OpenSSL documentation for EC_GROUP_get0_seed() */ static VALUE ossl_ec_group_get_seed(VALUE self) { @@ -1206,10 +1264,11 @@ static VALUE ossl_ec_group_get_seed(VALUE self) return rb_str_new((const char *)EC_GROUP_get0_seed(group), seed_len); } -/* call-seq: - * group.seed = seed => seed +/* + * call-seq: + * group.seed = seed => seed * - * See the OpenSSL documentation for EC_GROUP_set_seed() + * See the OpenSSL documentation for EC_GROUP_set_seed() */ static VALUE ossl_ec_group_set_seed(VALUE self, VALUE seed) { @@ -1226,10 +1285,11 @@ static VALUE ossl_ec_group_set_seed(VALUE self, VALUE seed) /* get/set curve GFp, GF2m */ -/* call-seq: - * group.degree => Fixnum +/* + * call-seq: + * group.degree => Fixnum * - * See the OpenSSL documentation for EC_GROUP_get_degree() + * See the OpenSSL documentation for EC_GROUP_get_degree() */ static VALUE ossl_ec_group_get_degree(VALUE self) { @@ -1274,8 +1334,9 @@ static VALUE ossl_ec_group_to_string(VALUE self, int format) return str; } -/* call-seq: - * group.to_pem => String +/* + * call-seq: + * group.to_pem => String * * See the OpenSSL documentation for PEM_write_bio_ECPKParameters() */ @@ -1284,20 +1345,22 @@ static VALUE ossl_ec_group_to_pem(VALUE self) return ossl_ec_group_to_string(self, EXPORT_PEM); } -/* call-seq: - * group.to_der => String +/* + * call-seq: + * group.to_der => String * - * See the OpenSSL documentation for i2d_ECPKParameters_bio() + * See the OpenSSL documentation for i2d_ECPKParameters_bio() */ static VALUE ossl_ec_group_to_der(VALUE self) { return ossl_ec_group_to_string(self, EXPORT_DER); } -/* call-seq: - * group.to_text => String +/* + * call-seq: + * group.to_text => String * - * See the OpenSSL documentation for ECPKParameters_print() + * See the OpenSSL documentation for ECPKParameters_print() */ static VALUE ossl_ec_group_to_text(VALUE self) { @@ -1346,12 +1409,12 @@ static VALUE ossl_ec_point_alloc(VALUE klass) } /* - * call-seq: - * OpenSSL::PKey::EC::Point.new(point) - * OpenSSL::PKey::EC::Point.new(group) - * OpenSSL::PKey::EC::Point.new(group, bn) + * call-seq: + * OpenSSL::PKey::EC::Point.new(point) + * OpenSSL::PKey::EC::Point.new(group) + * OpenSSL::PKey::EC::Point.new(group, bn) * - * See the OpenSSL documentation for EC_POINT_* + * See the OpenSSL documentation for EC_POINT_* */ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self) { @@ -1370,7 +1433,7 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self) if (rb_obj_is_kind_of(arg1, cEC_POINT)) { const EC_POINT *arg_point; - group_v = rb_iv_get(arg1, "@group"); + group_v = rb_attr_get(arg1, id_i_group); SafeRequire_EC_GROUP(group_v, group); SafeRequire_EC_POINT(arg1, arg_point); @@ -1419,7 +1482,7 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self) ec_point->point = point; - rb_iv_set(self, "@group", group_v); + rb_ivar_set(self, id_i_group, group_v); return self; } @@ -1437,29 +1500,28 @@ ossl_ec_point_initialize_copy(VALUE self, VALUE other) ossl_raise(eEC_POINT, "EC::Point already initialized"); SafeRequire_EC_POINT(other, orig); - group_v = rb_obj_dup(rb_iv_get(other, "@group")); + group_v = rb_obj_dup(rb_attr_get(other, id_i_group)); SafeRequire_EC_GROUP(group_v, group); ec_point->point = EC_POINT_dup(orig, group); if (!ec_point->point) ossl_raise(eEC_POINT, "EC_POINT_dup"); - rb_iv_set(self, "@key", Qnil); - rb_iv_set(self, "@group", group_v); + rb_ivar_set(self, id_i_key, Qnil); + rb_ivar_set(self, id_i_group, group_v); return self; } /* - * call-seq: - * point1.eql?(point2) => true | false - * point1 == point2 => true | false - * + * call-seq: + * point1.eql?(point2) => true | false + * point1 == point2 => true | false */ static VALUE ossl_ec_point_eql(VALUE a, VALUE b) { EC_POINT *point1, *point2; - VALUE group_v1 = rb_iv_get(a, "@group"); - VALUE group_v2 = rb_iv_get(b, "@group"); + VALUE group_v1 = rb_attr_get(a, id_i_group); + VALUE group_v2 = rb_attr_get(b, id_i_group); const EC_GROUP *group; if (ossl_ec_group_eql(group_v1, group_v2) == Qfalse) @@ -1476,14 +1538,13 @@ static VALUE ossl_ec_point_eql(VALUE a, VALUE b) } /* - * call-seq: - * point.infinity? => true | false - * + * call-seq: + * point.infinity? => true | false */ static VALUE ossl_ec_point_is_at_infinity(VALUE self) { EC_POINT *point; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; Require_EC_POINT(self, point); @@ -1499,14 +1560,13 @@ static VALUE ossl_ec_point_is_at_infinity(VALUE self) } /* - * call-seq: - * point.on_curve? => true | false - * + * call-seq: + * point.on_curve? => true | false */ static VALUE ossl_ec_point_is_on_curve(VALUE self) { EC_POINT *point; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; Require_EC_POINT(self, point); @@ -1522,14 +1582,13 @@ static VALUE ossl_ec_point_is_on_curve(VALUE self) } /* - * call-seq: - * point.make_affine! => self - * + * call-seq: + * point.make_affine! => self */ static VALUE ossl_ec_point_make_affine(VALUE self) { EC_POINT *point; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; Require_EC_POINT(self, point); @@ -1542,14 +1601,13 @@ static VALUE ossl_ec_point_make_affine(VALUE self) } /* - * call-seq: - * point.invert! => self - * + * call-seq: + * point.invert! => self */ static VALUE ossl_ec_point_invert(VALUE self) { EC_POINT *point; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; Require_EC_POINT(self, point); @@ -1562,14 +1620,13 @@ static VALUE ossl_ec_point_invert(VALUE self) } /* - * call-seq: - * point.set_to_infinity! => self - * + * call-seq: + * point.set_to_infinity! => self */ static VALUE ossl_ec_point_set_to_infinity(VALUE self) { EC_POINT *point; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; Require_EC_POINT(self, point); @@ -1582,8 +1639,8 @@ static VALUE ossl_ec_point_set_to_infinity(VALUE self) } /* - * call-seq: - * point.to_bn => OpenSSL::BN + * call-seq: + * point.to_bn => OpenSSL::BN * * See the OpenSSL documentation for EC_POINT_point2bn() */ @@ -1591,7 +1648,7 @@ static VALUE ossl_ec_point_to_bn(VALUE self) { EC_POINT *point; VALUE bn_obj; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); const EC_GROUP *group; point_conversion_form_t form; BIGNUM *bn; @@ -1611,9 +1668,9 @@ static VALUE ossl_ec_point_to_bn(VALUE self) } /* - * call-seq: - * point.mul(bn1 [, bn2]) => point - * point.mul(bns, points [, bn2]) => point + * call-seq: + * point.mul(bn1 [, bn2]) => point + * point.mul(bns, points [, bn2]) => point * * Performs elliptic curve point multiplication. * @@ -1631,7 +1688,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) { EC_POINT *point_self, *point_result; const EC_GROUP *group; - VALUE group_v = rb_iv_get(self, "@group"); + VALUE group_v = rb_attr_get(self, id_i_group); VALUE arg1, arg2, arg3, result; const BIGNUM *bn_g = NULL; @@ -1643,11 +1700,11 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) Require_EC_POINT(result, point_result); rb_scan_args(argc, argv, "12", &arg1, &arg2, &arg3); - if (rb_obj_is_kind_of(arg1, cBN)) { + if (!RB_TYPE_P(arg1, T_ARRAY)) { BIGNUM *bn = GetBNPtr(arg1); - if (argc >= 2) - bn_g = GetBNPtr(arg2); + if (!NIL_P(arg2)) + bn_g = GetBNPtr(arg2); if (EC_POINT_mul(group, point_result, bn_g, point_self, bn, ossl_bn_ctx) != 1) ossl_raise(eEC_POINT, NULL); } else { @@ -1660,9 +1717,8 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) const EC_POINT **points; const BIGNUM **bignums; - if (!rb_obj_is_kind_of(arg1, rb_cArray) || - !rb_obj_is_kind_of(arg2, rb_cArray)) - ossl_raise(rb_eTypeError, "points must be array"); + Check_Type(arg1, T_ARRAY); + Check_Type(arg2, T_ARRAY); if (RARRAY_LEN(arg1) != RARRAY_LEN(arg2) + 1) /* arg2 must be 1 larger */ ossl_raise(rb_eArgError, "bns must be 1 longer than points; see the documentation"); @@ -1676,7 +1732,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) for (i = 0; i < num - 1; i++) SafeRequire_EC_POINT(RARRAY_AREF(arg2, i), points[i + 1]); - if (argc >= 3) + if (!NIL_P(arg3)) bn_g = GetBNPtr(arg3); if (EC_POINTs_mul(group, point_result, bn_g, num, points, bignums, ossl_bn_ctx) != 1) { @@ -1694,13 +1750,30 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) void Init_ossl_ec(void) { -#ifdef DONT_NEED_RDOC_WORKAROUND - mOSSL = rb_define_module("OpenSSL"); +#if 0 mPKey = rb_define_module_under(mOSSL, "PKey"); + cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + ePKeyError = rb_define_class_under(mPKey, "PKeyError", eOSSLError); #endif eECError = rb_define_class_under(mPKey, "ECError", ePKeyError); + /* + * Document-class: OpenSSL::PKey::EC + * + * OpenSSL::PKey::EC provides access to Elliptic Curve Digital Signature + * Algorithm (ECDSA) and Elliptic Curve Diffie-Hellman (ECDH). + * + * === Key exchange + * ec1 = OpenSSL::PKey::EC.generate("prime256v1") + * ec2 = OpenSSL::PKey::EC.generate("prime256v1") + * # ec1 and ec2 have own private key respectively + * shared_key1 = ec1.dh_compute_key(ec2.public_key) + * shared_key2 = ec2.dh_compute_key(ec1.public_key) + * + * p shared_key1 == shared_key2 #=> true + */ cEC = rb_define_class_under(mPKey, "EC", cPKey); cEC_GROUP = rb_define_class_under(cEC, "Group", rb_cObject); cEC_POINT = rb_define_class_under(cEC, "Point", rb_cObject); @@ -1718,7 +1791,10 @@ void Init_ossl_ec(void) ID_compressed = rb_intern("compressed"); ID_hybrid = rb_intern("hybrid"); - rb_define_const(cEC, "NAMED_CURVE", ULONG2NUM(OPENSSL_EC_NAMED_CURVE)); + rb_define_const(cEC, "NAMED_CURVE", INT2NUM(OPENSSL_EC_NAMED_CURVE)); +#if defined(OPENSSL_EC_EXPLICIT_CURVE) + rb_define_const(cEC, "EXPLICIT_CURVE", INT2NUM(OPENSSL_EC_EXPLICIT_CURVE)); +#endif rb_define_singleton_method(cEC, "builtin_curves", ossl_s_builtin_curves, 0); @@ -1811,6 +1887,9 @@ void Init_ossl_ec(void) rb_define_method(cEC_POINT, "to_bn", ossl_ec_point_to_bn, 0); rb_define_method(cEC_POINT, "mul", ossl_ec_point_mul, -1); + + id_i_group = rb_intern("@group"); + id_i_key = rb_intern("@key"); } #else /* defined NO_EC */ diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c index f1b4f04c14..17a7494992 100644 --- a/ext/openssl/ossl_pkey_rsa.c +++ b/ext/openssl/ossl_pkey_rsa.c @@ -229,8 +229,8 @@ ossl_rsa_initialize(int argc, VALUE *argv, VALUE self) if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) { rsa = RSA_new(); } - else if (FIXNUM_P(arg)) { - rsa = rsa_generate(FIX2INT(arg), NIL_P(pass) ? RSA_F4 : NUM2ULONG(pass)); + else if (RB_INTEGER_TYPE_P(arg)) { + rsa = rsa_generate(NUM2INT(arg), NIL_P(pass) ? RSA_F4 : NUM2ULONG(pass)); if (!rsa) ossl_raise(eRSAError, NULL); } else { @@ -335,7 +335,7 @@ ossl_rsa_is_private(VALUE self) * * Outputs this keypair in PEM encoding. If +cipher+ and +pass_phrase+ are * given they will be used to encrypt the key. +cipher+ must be an - * OpenSSL::Cipher::Cipher instance. + * OpenSSL::Cipher instance. */ static VALUE ossl_rsa_export(int argc, VALUE *argv, VALUE self) @@ -383,7 +383,7 @@ static VALUE ossl_rsa_to_der(VALUE self) { RSA *rsa; - int (*i2d_func)_((const RSA*, unsigned char**)); + int (*i2d_func)(const RSA *, unsigned char **); unsigned char *p; long len; VALUE str; @@ -392,7 +392,7 @@ ossl_rsa_to_der(VALUE self) if (RSA_HAS_PRIVATE(rsa)) i2d_func = i2d_RSAPrivateKey; else - i2d_func = (int (*)(const RSA*, unsigned char**))i2d_RSA_PUBKEY; + i2d_func = (int (*)(const RSA *, unsigned char **))i2d_RSA_PUBKEY; if((len = i2d_func(rsa, NULL)) <= 0) ossl_raise(eRSAError, NULL); str = rb_str_new(0, len); @@ -656,21 +656,45 @@ ossl_rsa_blinding_off(VALUE self) } */ +/* + * Document-method: OpenSSL::PKey::RSA#set_key + * call-seq: + * rsa.set_key(n, e, d) -> self + * + * Sets +n+, +e+, +d+ for the RSA instance. + */ OSSL_PKEY_BN_DEF3(rsa, RSA, key, n, e, d) +/* + * Document-method: OpenSSL::PKey::RSA#set_factors + * call-seq: + * rsa.set_factors(p, q) -> self + * + * Sets +p+, +q+ for the RSA instance. + */ OSSL_PKEY_BN_DEF2(rsa, RSA, factors, p, q) +/* + * Document-method: OpenSSL::PKey::RSA#set_crt_params + * call-seq: + * rsa.set_crt_params(dmp1, dmq1, iqmp) -> self + * + * Sets +dmp1+, +dmq1+, +iqmp+ for the RSA instance. They are calculated by + * d mod (p - 1), d mod (q - 1) and q^(-1) mod p + * respectively. + */ OSSL_PKEY_BN_DEF3(rsa, RSA, crt_params, dmp1, dmq1, iqmp) /* * INIT */ -#define DefRSAConst(x) rb_define_const(cRSA, #x,INT2FIX(RSA_##x)) +#define DefRSAConst(x) rb_define_const(cRSA, #x, INT2NUM(RSA_##x)) void Init_ossl_rsa(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */ mPKey = rb_define_module_under(mOSSL, "PKey"); + cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject); + ePKeyError = rb_define_class_under(mPKey, "PKeyError", eOSSLError); #endif /* Document-class: OpenSSL::PKey::RSAError diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c index ff07a41bfc..688c525afa 100644 --- a/ext/openssl/ossl_rand.c +++ b/ext/openssl/ossl_rand.c @@ -41,13 +41,13 @@ ossl_rand_seed(VALUE self, VALUE str) * The +entropy+ argument is (the lower bound of) an estimate of how much * randomness is contained in +str+, measured in bytes. * - * Example: + * === Example * * pid = $$ * now = Time.now * ary = [now.to_i, now.nsec, 1000, pid] - * OpenSSL::Random.add(ary.join("").to_s, 0.0) - * OpenSSL::Random.seed(ary.join("").to_s) + * OpenSSL::Random.add(ary.join, 0.0) + * OpenSSL::Random.seed(ary.join) */ static VALUE ossl_rand_add(VALUE self, VALUE str, VALUE entropy) @@ -101,10 +101,10 @@ ossl_rand_write_file(VALUE self, VALUE filename) * Generates +string+ with +length+ number of cryptographically strong * pseudo-random bytes. * - * Example: + * === Example * * OpenSSL::Random.random_bytes(12) - * => "..." + * #=> "..." */ static VALUE ossl_rand_bytes(VALUE self, VALUE len) @@ -134,10 +134,10 @@ ossl_rand_bytes(VALUE self, VALUE len) * Pseudo-random byte sequences generated by ::pseudo_bytes will be unique if * they are of sufficient length, but are not necessarily unpredictable. * - * Example: + * === Example * * OpenSSL::Random.pseudo_bytes(12) - * => "..." + * #=> "..." */ static VALUE ossl_rand_pseudo_bytes(VALUE self, VALUE len) @@ -214,7 +214,8 @@ void Init_ossl_rand(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif mRandom = rb_define_module_under(mOSSL, "Random"); diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index a180ff251d..9a499a7a0d 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -64,18 +64,15 @@ static VALUE eSSLErrorWaitWritable; #define ossl_sslctx_get_client_cert_cb(o) rb_iv_get((o),"@client_cert_cb") #define ossl_sslctx_get_tmp_ecdh_cb(o) rb_iv_get((o),"@tmp_ecdh_callback") #define ossl_sslctx_get_sess_id_ctx(o) rb_iv_get((o),"@session_id_context") +#define ossl_sslctx_get_verify_hostname(o) rb_iv_get((o),"@verify_hostname") #define ossl_ssl_get_io(o) rb_iv_get((o),"@io") #define ossl_ssl_get_ctx(o) rb_iv_get((o),"@context") -#define ossl_ssl_get_x509(o) rb_iv_get((o),"@x509") -#define ossl_ssl_get_key(o) rb_iv_get((o),"@key") #define ossl_ssl_set_io(o,v) rb_iv_set((o),"@io",(v)) #define ossl_ssl_set_ctx(o,v) rb_iv_set((o),"@context",(v)) #define ossl_ssl_set_sync_close(o,v) rb_iv_set((o),"@sync_close",(v)) #define ossl_ssl_set_hostname_v(o,v) rb_iv_set((o),"@hostname",(v)) -#define ossl_ssl_set_x509(o,v) rb_iv_set((o),"@x509",(v)) -#define ossl_ssl_set_key(o,v) rb_iv_set((o),"@key",(v)) #define ossl_ssl_set_tmp_dh(o,v) rb_iv_set((o),"@tmp_dh",(v)) #define ossl_ssl_set_tmp_ecdh(o,v) rb_iv_set((o),"@tmp_ecdh",(v)) @@ -183,6 +180,9 @@ ossl_sslctx_s_alloc(VALUE klass) * ctx.ssl_version = :TLSv1 * ctx.ssl_version = "SSLv23_client" * + * Sets the SSL/TLS protocol version for the context. This forces connections to + * use only the specified protocol version. + * * You can get a list of valid versions with OpenSSL::SSL::SSLContext::METHODS */ static VALUE @@ -225,28 +225,30 @@ ossl_call_client_cert_cb(VALUE obj) { VALUE cb, ary, cert, key; - cb = rb_funcall(obj, rb_intern("client_cert_cb"), 0); - if (NIL_P(cb)) return Qfalse; + cb = ossl_sslctx_get_client_cert_cb(ossl_ssl_get_ctx(obj)); + if (NIL_P(cb)) + return Qnil; + ary = rb_funcall(cb, rb_intern("call"), 1, obj); Check_Type(ary, T_ARRAY); GetX509CertPtr(cert = rb_ary_entry(ary, 0)); - GetPKeyPtr(key = rb_ary_entry(ary, 1)); - ossl_ssl_set_x509(obj, cert); - ossl_ssl_set_key(obj, key); + GetPrivPKeyPtr(key = rb_ary_entry(ary, 1)); - return Qtrue; + return rb_ary_new3(2, cert, key); } static int ossl_client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) { - VALUE obj, success; + VALUE obj, ret; obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx); - success = rb_protect(ossl_call_client_cert_cb, obj, NULL); - if (!RTEST(success)) return 0; - *x509 = DupX509CertPtr(ossl_ssl_get_x509(obj)); - *pkey = DupPKeyPtr(ossl_ssl_get_key(obj)); + ret = rb_protect(ossl_call_client_cert_cb, obj, NULL); + if (NIL_P(ret)) + return 0; + + *x509 = DupX509CertPtr(RARRAY_AREF(ret, 0)); + *pkey = DupPKeyPtr(RARRAY_AREF(ret, 1)); return 1; } @@ -275,7 +277,7 @@ ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) rb_ssl = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx); - args = rb_ary_new_from_args(3, rb_ssl, INT2FIX(is_export), INT2FIX(keylength)); + args = rb_ary_new_from_args(3, rb_ssl, INT2NUM(is_export), INT2NUM(keylength)); dh = rb_protect(ossl_call_tmp_dh_callback, args, NULL); if (!RTEST(dh)) return NULL; @@ -309,7 +311,7 @@ ossl_tmp_ecdh_callback(SSL *ssl, int is_export, int keylength) rb_ssl = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx); - args = rb_ary_new_from_args(3, rb_ssl, INT2FIX(is_export), INT2FIX(keylength)); + args = rb_ary_new_from_args(3, rb_ssl, INT2NUM(is_export), INT2NUM(keylength)); ecdh = rb_protect(ossl_call_tmp_ecdh_callback, args, NULL); if (!RTEST(ecdh)) return NULL; @@ -319,16 +321,50 @@ ossl_tmp_ecdh_callback(SSL *ssl, int is_export, int keylength) } #endif +static VALUE +call_verify_certificate_identity(VALUE ctx_v) +{ + X509_STORE_CTX *ctx = (X509_STORE_CTX *)ctx_v; + SSL *ssl; + VALUE ssl_obj, hostname, cert_obj; + + ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); + ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx); + hostname = rb_attr_get(ssl_obj, rb_intern("@hostname")); + + if (!RTEST(hostname)) { + rb_warning("verify_hostname requires hostname to be set"); + return Qtrue; + } + + cert_obj = ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx)); + return rb_funcall(mSSL, rb_intern("verify_certificate_identity"), 2, + cert_obj, hostname); +} + static int ossl_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) { - VALUE cb; + VALUE cb, ssl_obj, verify_hostname, ret; SSL *ssl; + int status; ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); cb = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_vcb_idx); - X509_STORE_CTX_set_ex_data(ctx, ossl_store_ctx_ex_verify_cb_idx, (void *)cb); - return ossl_verify_cb(preverify_ok, ctx); + ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx); + verify_hostname = ossl_sslctx_get_verify_hostname(ossl_ssl_get_ctx(ssl_obj)); + + if (preverify_ok && RTEST(verify_hostname) && !SSL_is_server(ssl) && + !X509_STORE_CTX_get_error_depth(ctx)) { + ret = rb_protect(call_verify_certificate_identity, (VALUE)ctx, &status); + if (status) { + rb_ivar_set(ssl_obj, ID_callback_state, INT2NUM(status)); + return 0; + } + preverify_ok = ret == Qtrue; + } + + return ossl_verify_cb_call(cb, preverify_ok, ctx); } static VALUE @@ -464,7 +500,7 @@ ossl_sslctx_session_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess) rb_ary_push(ary, sslctx_obj); rb_ary_push(ary, sess_obj); - rb_protect((VALUE(*)_((VALUE)))ossl_call_session_remove_cb, ary, &state); + rb_protect(ossl_call_session_remove_cb, ary, &state); if (state) { /* the SSL_CTX is frozen, nowhere to save state. @@ -540,7 +576,7 @@ ssl_servername_cb(SSL *ssl, int *ad, void *arg) rb_ary_push(ary, ssl_obj); rb_ary_push(ary, rb_str_new2(servername)); - rb_protect((VALUE(*)_((VALUE)))ossl_call_servername_cb, ary, &state); + rb_protect(ossl_call_servername_cb, ary, &state); if (state) { rb_ivar_set(ssl_obj, ID_callback_state, INT2NUM(state)); return SSL_TLSEXT_ERR_ALERT_FATAL; @@ -624,8 +660,7 @@ ssl_npn_select_cb_common(VALUE cb, const unsigned char **out, unsigned char *out static int ssl_npn_advertise_cb(SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg) { - VALUE sslctx_obj = (VALUE) arg; - VALUE protocols = rb_iv_get(sslctx_obj, "@_protocols"); + VALUE protocols = (VALUE)arg; *out = (const unsigned char *) RSTRING_PTR(protocols); *outlen = RSTRING_LENINT(protocols); @@ -776,7 +811,7 @@ ossl_sslctx_setup(VALUE self) val = ossl_sslctx_get_cert(self); cert = NIL_P(val) ? NULL : GetX509CertPtr(val); /* NO DUP NEEDED */ val = ossl_sslctx_get_key(self); - key = NIL_P(val) ? NULL : GetPKeyPtr(val); /* NO DUP NEEDED */ + key = NIL_P(val) ? NULL : GetPrivPKeyPtr(val); /* NO DUP NEEDED */ if (cert && key) { if (!SSL_CTX_use_certificate(ctx, cert)) { /* Adds a ref => Safe to FREE */ @@ -835,8 +870,8 @@ ossl_sslctx_setup(VALUE self) #ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB val = rb_iv_get(self, "@npn_protocols"); if (!NIL_P(val)) { - rb_iv_set(self, "@_protocols", ssl_encode_npn_protocols(val)); - SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *) self); + VALUE encoded = ssl_encode_npn_protocols(val); + SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *)encoded); OSSL_Debug("SSL NPN advertise callback added"); } if (RTEST(rb_iv_get(self, "@npn_select_cb"))) { @@ -903,8 +938,8 @@ ossl_ssl_cipher_to_ary(const SSL_CIPHER *cipher) rb_ary_push(ary, rb_str_new2(SSL_CIPHER_get_name(cipher))); rb_ary_push(ary, rb_str_new2(SSL_CIPHER_get_version(cipher))); bits = SSL_CIPHER_get_bits(cipher, &alg_bits); - rb_ary_push(ary, INT2FIX(bits)); - rb_ary_push(ary, INT2FIX(alg_bits)); + rb_ary_push(ary, INT2NUM(bits)); + rb_ary_push(ary, INT2NUM(alg_bits)); return ary; } @@ -913,7 +948,7 @@ ossl_ssl_cipher_to_ary(const SSL_CIPHER *cipher) * call-seq: * ctx.ciphers => [[name, version, bits, alg_bits], ...] * - * The list of ciphers configured for this context. + * The list of cipher suites configured for this context. */ static VALUE ossl_sslctx_get_ciphers(VALUE self) @@ -949,11 +984,9 @@ ossl_sslctx_get_ciphers(VALUE self) * ctx.ciphers = [name, ...] * ctx.ciphers = [[name, version, bits, alg_bits], ...] * - * Sets the list of available ciphers for this context. Note in a server + * Sets the list of available cipher suites for this context. Note in a server * context some ciphers require the appropriate certificates. For example, an - * RSA cipher can only be chosen when an RSA certificate is available. - * - * See also OpenSSL::Cipher and OpenSSL::Cipher::ciphers + * RSA cipher suite can only be chosen when an RSA certificate is available. */ static VALUE ossl_sslctx_set_ciphers(VALUE self, VALUE v) @@ -1056,7 +1089,11 @@ ossl_sslctx_set_ecdh_curves(VALUE self, VALUE arg) if (!ec) ossl_raise(eSSLError, NULL); EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE); - SSL_CTX_set_tmp_ecdh(ctx, ec); + if (!SSL_CTX_set_tmp_ecdh(ctx, ec)) { + EC_KEY_free(ec); + ossl_raise(eSSLError, "SSL_CTX_set_tmp_ecdh"); + } + EC_KEY_free(ec); # if defined(HAVE_SSL_CTX_SET_ECDH_AUTO) /* tmp_ecdh and ecdh_auto conflict. tmp_ecdh is ignored when ecdh_auto * is enabled. So disable ecdh_auto. */ @@ -1088,7 +1125,7 @@ ossl_sslctx_get_security_level(VALUE self) GetSSLCTX(self, ctx); #if defined(HAVE_SSL_CTX_GET_SECURITY_LEVEL) - return INT2FIX(SSL_CTX_get_security_level(ctx)); + return INT2NUM(SSL_CTX_get_security_level(ctx)); #else (void)ctx; return INT2FIX(0); @@ -1097,7 +1134,7 @@ ossl_sslctx_get_security_level(VALUE self) /* * call-seq: - * ctx.security_level=(integer) -> Integer + * ctx.security_level = integer * * Sets the security level for the context. OpenSSL limits parameters according * to the level. The "parameters" include: ciphersuites, curves, key sizes, @@ -1138,7 +1175,7 @@ ossl_sslctx_set_security_level(VALUE self, VALUE value) * call-seq: * ctx.session_add(session) -> true | false * - * Adds +session+ to the session cache + * Adds +session+ to the session cache. */ static VALUE ossl_sslctx_session_add(VALUE self, VALUE arg) @@ -1156,7 +1193,7 @@ ossl_sslctx_session_add(VALUE self, VALUE arg) * call-seq: * ctx.session_remove(session) -> true | false * - * Removes +session+ from the session cache + * Removes +session+ from the session cache. */ static VALUE ossl_sslctx_session_remove(VALUE self, VALUE arg) @@ -1374,7 +1411,7 @@ ossl_ssl_s_alloc(VALUE klass) * SSLSocket.new(io) => aSSLSocket * SSLSocket.new(io, ctx) => aSSLSocket * - * Creates a new SSL socket from +io+ which must be a real ruby object (not an + * Creates a new SSL socket from +io+ which must be a real IO object (not an * IO-like object that responds to read/write). * * If +ctx+ is provided the SSL Sockets initial params will be taken from @@ -1950,7 +1987,8 @@ ossl_ssl_get_cipher(VALUE self) * call-seq: * ssl.state => string * - * A description of the current connection state. + * A description of the current connection state. This is for diagnostic + * purposes only. */ static VALUE ossl_ssl_get_state(VALUE self) @@ -1972,7 +2010,7 @@ ossl_ssl_get_state(VALUE self) * call-seq: * ssl.pending => Integer * - * The number of bytes that are immediately available for reading + * The number of bytes that are immediately available for reading. */ static VALUE ossl_ssl_pending(VALUE self) @@ -2021,6 +2059,7 @@ ossl_ssl_set_session(VALUE self, VALUE arg1) return arg1; } +#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME /* * call-seq: * ssl.hostname = hostname -> hostname @@ -2028,7 +2067,6 @@ ossl_ssl_set_session(VALUE self, VALUE arg1) * Sets the server hostname used for SNI. This needs to be set before * SSLSocket#connect. */ -#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME static VALUE ossl_ssl_set_hostname(VALUE self, VALUE arg) { @@ -2066,7 +2104,7 @@ ossl_ssl_get_verify_result(VALUE self) GetSSL(self, ssl); - return INT2FIX(SSL_get_verify_result(ssl)); + return INT2NUM(SSL_get_verify_result(ssl)); } /* @@ -2095,7 +2133,7 @@ ossl_ssl_get_client_ca_list(VALUE self) # ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB /* * call-seq: - * ssl.npn_protocol => String + * ssl.npn_protocol => String | nil * * Returns the protocol string that was finally selected by the client * during the handshake. @@ -2120,9 +2158,9 @@ ossl_ssl_npn_protocol(VALUE self) # ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB /* * call-seq: - * ssl.alpn_protocol => String + * ssl.alpn_protocol => String | nil * - * Returns the ALPN protocol string that was finally selected by the client + * Returns the ALPN protocol string that was finally selected by the server * during the handshake. */ static VALUE @@ -2147,7 +2185,7 @@ ossl_ssl_alpn_protocol(VALUE self) * call-seq: * ssl.tmp_key => PKey or nil * - * Returns the ephemeral key used in case of forward secrecy cipher + * Returns the ephemeral key used in case of forward secrecy cipher. */ static VALUE ossl_ssl_tmp_key(VALUE self) @@ -2170,7 +2208,10 @@ Init_ossl_ssl(void) VALUE ary; #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + rb_mWaitReadable = rb_define_module_under(rb_cIO, "WaitReadable"); + rb_mWaitWritable = rb_define_module_under(rb_cIO, "WaitWritable"); #endif ID_callback_state = rb_intern("@callback_state"); @@ -2218,14 +2259,10 @@ Init_ossl_ssl(void) * * All attributes must be set before creating an SSLSocket as the * SSLContext will be frozen afterward. - * - * The following attributes are available but don't show up in rdoc: - * * ssl_version, cert, key, client_ca, ca_file, ca_path, timeout, - * * verify_mode, verify_depth client_cert_cb, tmp_dh_callback, - * * session_id_context, session_add_cb, session_new_cb, session_remove_cb */ cSSLContext = rb_define_class_under(mSSL, "SSLContext", rb_cObject); rb_define_alloc_func(cSSLContext, ossl_sslctx_s_alloc); + rb_undef_method(cSSLContext, "initialize_copy"); /* * Context certificate @@ -2255,7 +2292,7 @@ Init_ossl_ssl(void) rb_attr(cSSLContext, rb_intern("ca_path"), 1, 1, Qfalse); /* - * Maximum session lifetime. + * Maximum session lifetime in seconds. */ rb_attr(cSSLContext, rb_intern("timeout"), 1, 1, Qfalse); @@ -2264,6 +2301,11 @@ Init_ossl_ssl(void) * * Valid modes are VERIFY_NONE, VERIFY_PEER, VERIFY_CLIENT_ONCE, * VERIFY_FAIL_IF_NO_PEER_CERT and defined on OpenSSL::SSL + * + * The default mode is VERIFY_NONE, which does not perform any verification + * at all. + * + * See SSL_CTX_set_verify(3) for details. */ rb_attr(cSSLContext, rb_intern("verify_mode"), 1, 1, Qfalse); @@ -2281,12 +2323,21 @@ Init_ossl_ssl(void) * +store_context+ is an OpenSSL::X509::StoreContext containing the * context used for certificate verification. * - * If the callback returns false verification is stopped. + * If the callback returns false, the chain verification is immediately + * stopped and a bad_certificate alert is then sent. */ rb_attr(cSSLContext, rb_intern("verify_callback"), 1, 1, Qfalse); /* - * An OpenSSL::X509::Store used for certificate verification + * Whether to check the server certificate is valid for the hostname. + * + * In order to make this work, verify_mode must be set to VERIFY_PEER and + * the server hostname must be given by OpenSSL::SSL::SSLSocket#hostname=. + */ + rb_attr(cSSLContext, rb_intern("verify_hostname"), 1, 1, Qfalse); + + /* + * An OpenSSL::X509::Store used for certificate verification. */ rb_attr(cSSLContext, rb_intern("cert_store"), 1, 1, Qfalse); @@ -2410,7 +2461,7 @@ Init_ossl_ssl(void) * === Example * * ctx.npn_select_cb = lambda do |protocols| - * #inspect the protocols and select one + * # inspect the protocols and select one * protocols.first * end */ @@ -2420,10 +2471,10 @@ Init_ossl_ssl(void) #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB /* * An Enumerable of Strings. Each String represents a protocol to be - * advertised as the list of supported protocols for Application-Layer Protocol - * Negotiation. Supported in OpenSSL 1.0.1 and higher. Has no effect - * on the client side. If not set explicitly, the NPN extension will - * not be sent by the server in the handshake. + * advertised as the list of supported protocols for Application-Layer + * Protocol Negotiation. Supported in OpenSSL 1.0.2 and higher. Has no + * effect on the server side. If not set explicitly, the ALPN extension will + * not be included in the handshake. * * === Example * @@ -2433,16 +2484,16 @@ Init_ossl_ssl(void) /* * A callback invoked on the server side when the server needs to select * a protocol from the list sent by the client. Supported in OpenSSL 1.0.2 - * and higher. The server MUST select a protocol of those advertised by + * and higher. The callback must return a protocol of those advertised by * the client. If none is acceptable, raising an error in the callback * will cause the handshake to fail. Not setting this callback explicitly - * means not supporting the ALPN extension on the client - any protocols - * advertised by the server will be ignored. + * means not supporting the ALPN extension on the server - any protocols + * advertised by the client will be ignored. * * === Example * * ctx.alpn_select_cb = lambda do |protocols| - * #inspect the protocols and select one + * # inspect the protocols and select one * protocols.first * end */ @@ -2463,22 +2514,22 @@ Init_ossl_ssl(void) /* * No session caching for client or server */ - rb_define_const(cSSLContext, "SESSION_CACHE_OFF", LONG2FIX(SSL_SESS_CACHE_OFF)); + rb_define_const(cSSLContext, "SESSION_CACHE_OFF", LONG2NUM(SSL_SESS_CACHE_OFF)); /* * Client sessions are added to the session cache */ - rb_define_const(cSSLContext, "SESSION_CACHE_CLIENT", LONG2FIX(SSL_SESS_CACHE_CLIENT)); /* doesn't actually do anything in 0.9.8e */ + rb_define_const(cSSLContext, "SESSION_CACHE_CLIENT", LONG2NUM(SSL_SESS_CACHE_CLIENT)); /* doesn't actually do anything in 0.9.8e */ /* * Server sessions are added to the session cache */ - rb_define_const(cSSLContext, "SESSION_CACHE_SERVER", LONG2FIX(SSL_SESS_CACHE_SERVER)); + rb_define_const(cSSLContext, "SESSION_CACHE_SERVER", LONG2NUM(SSL_SESS_CACHE_SERVER)); /* * Both client and server sessions are added to the session cache */ - rb_define_const(cSSLContext, "SESSION_CACHE_BOTH", LONG2FIX(SSL_SESS_CACHE_BOTH)); /* no different than CACHE_SERVER in 0.9.8e */ + rb_define_const(cSSLContext, "SESSION_CACHE_BOTH", LONG2NUM(SSL_SESS_CACHE_BOTH)); /* no different than CACHE_SERVER in 0.9.8e */ /* * Normally the session cache is checked for expired sessions every 255 @@ -2486,7 +2537,7 @@ Init_ossl_ssl(void) * the automatic flushing may be disabled and #flush_sessions can be * called explicitly. */ - rb_define_const(cSSLContext, "SESSION_CACHE_NO_AUTO_CLEAR", LONG2FIX(SSL_SESS_CACHE_NO_AUTO_CLEAR)); + rb_define_const(cSSLContext, "SESSION_CACHE_NO_AUTO_CLEAR", LONG2NUM(SSL_SESS_CACHE_NO_AUTO_CLEAR)); /* * Always perform external lookups of sessions even if they are in the @@ -2494,18 +2545,18 @@ Init_ossl_ssl(void) * * This flag has no effect on clients */ - rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_LOOKUP", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)); + rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_LOOKUP", LONG2NUM(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)); /* * Never automatically store sessions in the internal store. */ - rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_STORE", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_STORE)); + rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_STORE", LONG2NUM(SSL_SESS_CACHE_NO_INTERNAL_STORE)); /* * Enables both SESSION_CACHE_NO_INTERNAL_LOOKUP and * SESSION_CACHE_NO_INTERNAL_STORE. */ - rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL)); + rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL", LONG2NUM(SSL_SESS_CACHE_NO_INTERNAL)); rb_define_method(cSSLContext, "session_add", ossl_sslctx_session_add, 1); rb_define_method(cSSLContext, "session_remove", ossl_sslctx_session_remove, 1); @@ -2528,10 +2579,6 @@ Init_ossl_ssl(void) /* * Document-class: OpenSSL::SSL::SSLSocket - * - * The following attributes are available but don't show up in rdoc. - * * io, context, sync_close - * */ cSSLSocket = rb_define_class_under(mSSL, "SSLSocket", rb_cObject); #ifdef OPENSSL_NO_SOCK @@ -2541,6 +2588,7 @@ Init_ossl_ssl(void) rb_define_const(mSSLExtConfig, "OPENSSL_NO_SOCK", Qfalse); rb_define_alloc_func(cSSLSocket, ossl_ssl_s_alloc); rb_define_method(cSSLSocket, "initialize", ossl_ssl_initialize, -1); + rb_undef_method(cSSLSocket, "initialize_copy"); rb_define_method(cSSLSocket, "connect", ossl_ssl_connect, 0); rb_define_method(cSSLSocket, "connect_nonblock", ossl_ssl_connect_nonblock, -1); rb_define_method(cSSLSocket, "accept", ossl_ssl_accept, 0); diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c index 4836891d73..fb7c0fb611 100644 --- a/ext/openssl/ossl_ssl_session.c +++ b/ext/openssl/ossl_ssl_session.c @@ -28,12 +28,12 @@ static VALUE ossl_ssl_session_alloc(VALUE klass) /* * call-seq: - * Session.new(SSLSocket | string) => session + * Session.new(ssl_socket) -> Session + * Session.new(string) -> Session * - * === Parameters - * +SSLSocket+ is an OpenSSL::SSL::SSLSocket - * +string+ must be a DER or PEM encoded Session. -*/ + * Creates a new Session object from an instance of SSLSocket or DER/PEM encoded + * String. + */ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1) { SSL_SESSION *ctx = NULL; @@ -73,6 +73,26 @@ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1) return self; } +static VALUE +ossl_ssl_session_initialize_copy(VALUE self, VALUE other) +{ + SSL_SESSION *sess, *sess_other, *sess_new; + + rb_check_frozen(self); + sess = RTYPEDDATA_DATA(self); /* XXX */ + SafeGetSSLSession(other, sess_other); + + sess_new = ASN1_dup((i2d_of_void *)i2d_SSL_SESSION, (d2i_of_void *)d2i_SSL_SESSION, + (char *)sess_other); + if (!sess_new) + ossl_raise(eSSLSession, "ASN1_dup"); + + RTYPEDDATA_DATA(self) = sess_new; + SSL_SESSION_free(sess); + + return self; +} + #if HAVE_SSL_SESSION_CMP == 0 int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b) { @@ -98,9 +118,10 @@ int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b) /* * call-seq: - * session1 == session2 -> boolean + * session1 == session2 -> boolean * -*/ + * Returns true if the two Session is the same, false if not. + */ static VALUE ossl_ssl_session_eq(VALUE val1, VALUE val2) { SSL_SESSION *ctx1, *ctx2; @@ -118,9 +139,8 @@ static VALUE ossl_ssl_session_eq(VALUE val1, VALUE val2) * call-seq: * session.time -> Time * - * Gets start time of the session. - * -*/ + * Returns the time at which the session was established. + */ static VALUE ossl_ssl_session_get_time(VALUE self) { SSL_SESSION *ctx; @@ -138,11 +158,12 @@ static VALUE ossl_ssl_session_get_time(VALUE self) /* * call-seq: - * session.timeout -> integer + * session.timeout -> Integer * - * Gets how long until the session expires in seconds. + * Returns the timeout value set for the session, in seconds from the + * established time. * -*/ + */ static VALUE ossl_ssl_session_get_timeout(VALUE self) { SSL_SESSION *ctx; @@ -157,12 +178,12 @@ static VALUE ossl_ssl_session_get_timeout(VALUE self) /* * call-seq: - * session.time=(Time) -> Time - * session.time=(integer) -> Time + * session.time = time + * session.time = integer * * Sets start time of the session. Time resolution is in seconds. * -*/ + */ static VALUE ossl_ssl_session_set_time(VALUE self, VALUE time_v) { SSL_SESSION *ctx; @@ -179,11 +200,10 @@ static VALUE ossl_ssl_session_set_time(VALUE self, VALUE time_v) /* * call-seq: - * session.timeout=(integer) -> integer + * session.timeout = integer * * Sets how long until the session expires in seconds. - * -*/ + */ static VALUE ossl_ssl_session_set_timeout(VALUE self, VALUE time_v) { SSL_SESSION *ctx; @@ -197,7 +217,7 @@ static VALUE ossl_ssl_session_set_timeout(VALUE self, VALUE time_v) /* * call-seq: - * session.id -> aString + * session.id -> String * * Returns the Session ID. */ @@ -216,10 +236,10 @@ static VALUE ossl_ssl_session_get_id(VALUE self) /* * call-seq: - * session.to_der -> aString + * session.to_der -> String * * Returns an ASN1 encoded String that contains the Session object. -*/ + */ static VALUE ossl_ssl_session_to_der(VALUE self) { SSL_SESSION *ctx; @@ -245,7 +265,7 @@ static VALUE ossl_ssl_session_to_der(VALUE self) * session.to_pem -> String * * Returns a PEM encoded String that contains the Session object. -*/ + */ static VALUE ossl_ssl_session_to_pem(VALUE self) { SSL_SESSION *ctx; @@ -277,8 +297,8 @@ static VALUE ossl_ssl_session_to_pem(VALUE self) * call-seq: * session.to_text -> String * - * Shows everything in the Session object. -*/ + * Shows everything in the Session object. This is for diagnostic purposes. + */ static VALUE ossl_ssl_session_to_text(VALUE self) { SSL_SESSION *ctx; @@ -308,14 +328,16 @@ static VALUE ossl_ssl_session_to_text(VALUE self) void Init_ossl_ssl_session(void) { #if 0 - mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ - mSSL = rb_define_module_under(mOSSL, "SSL"); + mOSSL = rb_define_module("OpenSSL"); + mSSL = rb_define_module_under(mOSSL, "SSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); #endif cSSLSession = rb_define_class_under(mSSL, "Session", rb_cObject); eSSLSession = rb_define_class_under(cSSLSession, "SessionError", eOSSLError); rb_define_alloc_func(cSSLSession, ossl_ssl_session_alloc); rb_define_method(cSSLSession, "initialize", ossl_ssl_session_initialize, 1); + rb_define_copy_func(cSSLSession, ossl_ssl_session_initialize_copy); rb_define_method(cSSLSession, "==", ossl_ssl_session_eq, 1); diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h index dcd026a19c..1744c1cac4 100644 --- a/ext/openssl/ossl_version.h +++ b/ext/openssl/ossl_version.h @@ -10,6 +10,6 @@ #if !defined(_OSSL_VERSION_H_) #define _OSSL_VERSION_H_ -#define OSSL_VERSION "1.1.0" +#define OSSL_VERSION "2.0.0" #endif /* _OSSL_VERSION_H_ */ diff --git a/ext/openssl/ossl_x509.c b/ext/openssl/ossl_x509.c index 14f794e8ee..19ec274ae1 100644 --- a/ext/openssl/ossl_x509.c +++ b/ext/openssl/ossl_x509.c @@ -11,7 +11,7 @@ VALUE mX509; -#define DefX509Const(x) rb_define_const(mX509, #x,INT2FIX(X509_##x)) +#define DefX509Const(x) rb_define_const(mX509, #x, INT2NUM(X509_##x)) #define DefX509Default(x,i) \ rb_define_const(mX509, "DEFAULT_" #x, rb_str_new2(X509_get_default_##i())) @@ -34,6 +34,10 @@ ossl_x509_time_adjust(ASN1_TIME *s, VALUE time) void Init_ossl_x509(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); +#endif + mX509 = rb_define_module_under(mOSSL, "X509"); Init_ossl_x509attr(); @@ -79,17 +83,88 @@ Init_ossl_x509(void) DefX509Const(V_ERR_KEYUSAGE_NO_CERTSIGN); DefX509Const(V_ERR_APPLICATION_VERIFICATION); + /* Set by Store#flags= and StoreContext#flags=. Enables CRL checking for the + * certificate chain leaf. */ DefX509Const(V_FLAG_CRL_CHECK); + /* Set by Store#flags= and StoreContext#flags=. Enables CRL checking for all + * certificates in the certificate chain */ DefX509Const(V_FLAG_CRL_CHECK_ALL); + /* Set by Store#flags= and StoreContext#flags=. Disables critical extension + * checking. */ + DefX509Const(V_FLAG_IGNORE_CRITICAL); + /* Set by Store#flags= and StoreContext#flags=. Disables workarounds for + * broken certificates. */ + DefX509Const(V_FLAG_X509_STRICT); + /* Set by Store#flags= and StoreContext#flags=. Enables proxy certificate + * verification. */ + DefX509Const(V_FLAG_ALLOW_PROXY_CERTS); + /* Set by Store#flags= and StoreContext#flags=. Enables certificate policy + * constraints checking. */ + DefX509Const(V_FLAG_POLICY_CHECK); + /* Set by Store#flags= and StoreContext#flags=. + * Implies V_FLAG_POLICY_CHECK */ + DefX509Const(V_FLAG_EXPLICIT_POLICY); + /* Set by Store#flags= and StoreContext#flags=. + * Implies V_FLAG_POLICY_CHECK */ + DefX509Const(V_FLAG_INHIBIT_ANY); + /* Set by Store#flags= and StoreContext#flags=. + * Implies V_FLAG_POLICY_CHECK */ + DefX509Const(V_FLAG_INHIBIT_MAP); + /* Set by Store#flags= and StoreContext#flags=. */ + DefX509Const(V_FLAG_NOTIFY_POLICY); +#if defined(X509_V_FLAG_EXTENDED_CRL_SUPPORT) + /* Set by Store#flags= and StoreContext#flags=. Enables some additional + * features including support for indirect signed CRLs. */ + DefX509Const(V_FLAG_EXTENDED_CRL_SUPPORT); +#endif +#if defined(X509_V_FLAG_USE_DELTAS) + /* Set by Store#flags= and StoreContext#flags=. Uses delta CRLs. If not + * specified, deltas are ignored. */ + DefX509Const(V_FLAG_USE_DELTAS); +#endif +#if defined(X509_V_FLAG_CHECK_SS_SIGNATURE) + /* Set by Store#flags= and StoreContext#flags=. Enables checking of the + * signature of the root self-signed CA. */ + DefX509Const(V_FLAG_CHECK_SS_SIGNATURE); +#endif +#if defined(X509_V_FLAG_TRUSTED_FIRST) + /* Set by Store#flags= and StoreContext#flags=. When constructing a + * certificate chain, search the Store first for the issuer certificate. + * Enabled by default in OpenSSL >= 1.1.0. */ + DefX509Const(V_FLAG_TRUSTED_FIRST); +#endif +#if defined(X509_V_FLAG_NO_ALT_CHAINS) + /* Set by Store#flags= and StoreContext#flags=. Suppresses searching for + * a alternative chain. No effect in OpenSSL >= 1.1.0. */ + DefX509Const(V_FLAG_NO_ALT_CHAINS); +#endif +#if defined(X509_V_FLAG_NO_CHECK_TIME) + /* Set by Store#flags= and StoreContext#flags=. Suppresses checking the + * validity period of certificates and CRLs. No effect when the current + * time is explicitly set by Store#time= or StoreContext#time=. */ + DefX509Const(V_FLAG_NO_CHECK_TIME); +#endif + /* Set by Store#purpose=. SSL/TLS client. */ DefX509Const(PURPOSE_SSL_CLIENT); + /* Set by Store#purpose=. SSL/TLS server. */ DefX509Const(PURPOSE_SSL_SERVER); + /* Set by Store#purpose=. Netscape SSL server. */ DefX509Const(PURPOSE_NS_SSL_SERVER); + /* Set by Store#purpose=. S/MIME signing. */ DefX509Const(PURPOSE_SMIME_SIGN); + /* Set by Store#purpose=. S/MIME encryption. */ DefX509Const(PURPOSE_SMIME_ENCRYPT); + /* Set by Store#purpose=. CRL signing */ DefX509Const(PURPOSE_CRL_SIGN); + /* Set by Store#purpose=. No checks. */ DefX509Const(PURPOSE_ANY); + /* Set by Store#purpose=. OCSP helper. */ DefX509Const(PURPOSE_OCSP_HELPER); +#if defined(X509_PURPOSE_TIMESTAMP_SIGN) + /* Set by Store#purpose=. Time stamps signer. */ + DefX509Const(PURPOSE_TIMESTAMP_SIGN); +#endif DefX509Const(TRUST_COMPAT); DefX509Const(TRUST_SSL_CLIENT); @@ -98,6 +173,9 @@ Init_ossl_x509(void) DefX509Const(TRUST_OBJECT_SIGN); DefX509Const(TRUST_OCSP_SIGN); DefX509Const(TRUST_OCSP_REQUEST); +#if defined(X509_TRUST_TSA) + DefX509Const(TRUST_TSA); +#endif DefX509Default(CERT_AREA, cert_area); DefX509Default(CERT_DIR, cert_dir); diff --git a/ext/openssl/ossl_x509.h b/ext/openssl/ossl_x509.h index 576804858e..c26da73897 100644 --- a/ext/openssl/ossl_x509.h +++ b/ext/openssl/ossl_x509.h @@ -31,7 +31,7 @@ extern VALUE cX509Attr; extern VALUE eX509AttrError; VALUE ossl_x509attr_new(X509_ATTRIBUTE *); -X509_ATTRIBUTE *DupX509AttrPtr(VALUE); +X509_ATTRIBUTE *GetX509AttrPtr(VALUE); void Init_ossl_x509attr(void); /* @@ -66,7 +66,6 @@ extern VALUE eX509ExtError; VALUE ossl_x509ext_new(X509_EXTENSION *); X509_EXTENSION *GetX509ExtPtr(VALUE); -X509_EXTENSION *DupX509ExtPtr(VALUE); void Init_ossl_x509ext(void); /* diff --git a/ext/openssl/ossl_x509attr.c b/ext/openssl/ossl_x509attr.c index 78ce236d96..ae0b347b5f 100644 --- a/ext/openssl/ossl_x509attr.c +++ b/ext/openssl/ossl_x509attr.c @@ -72,16 +72,13 @@ ossl_x509attr_new(X509_ATTRIBUTE *attr) } X509_ATTRIBUTE * -DupX509AttrPtr(VALUE obj) +GetX509AttrPtr(VALUE obj) { - X509_ATTRIBUTE *attr, *new; + X509_ATTRIBUTE *attr; SafeGetX509Attr(obj, attr); - if (!(new = X509_ATTRIBUTE_dup(attr))) { - ossl_raise(eX509AttrError, NULL); - } - return new; + return attr; } /* @@ -130,6 +127,25 @@ ossl_x509attr_initialize(int argc, VALUE *argv, VALUE self) return self; } +static VALUE +ossl_x509attr_initialize_copy(VALUE self, VALUE other) +{ + X509_ATTRIBUTE *attr, *attr_other, *attr_new; + + rb_check_frozen(self); + GetX509Attr(self, attr); + SafeGetX509Attr(other, attr_other); + + attr_new = X509_ATTRIBUTE_dup(attr_other); + if (!attr_new) + ossl_raise(eX509AttrError, "X509_ATTRIBUTE_dup"); + + SetX509Attr(self, attr_new); + X509_ATTRIBUTE_free(attr); + + return self; +} + /* * call-seq: * attr.oid = string => string @@ -141,12 +157,15 @@ ossl_x509attr_set_oid(VALUE self, VALUE oid) ASN1_OBJECT *obj; char *s; + GetX509Attr(self, attr); s = StringValueCStr(oid); obj = OBJ_txt2obj(s, 0); - if(!obj) obj = OBJ_txt2obj(s, 1); if(!obj) ossl_raise(eX509AttrError, NULL); - GetX509Attr(self, attr); - X509_ATTRIBUTE_set1_object(attr, obj); + if (!X509_ATTRIBUTE_set1_object(attr, obj)) { + ASN1_OBJECT_free(obj); + ossl_raise(eX509AttrError, "X509_ATTRIBUTE_set1_object"); + } + ASN1_OBJECT_free(obj); return oid; } @@ -289,11 +308,18 @@ ossl_x509attr_to_der(VALUE self) void Init_ossl_x509attr(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + mX509 = rb_define_module_under(mOSSL, "X509"); +#endif + eX509AttrError = rb_define_class_under(mX509, "AttributeError", eOSSLError); cX509Attr = rb_define_class_under(mX509, "Attribute", rb_cObject); rb_define_alloc_func(cX509Attr, ossl_x509attr_alloc); rb_define_method(cX509Attr, "initialize", ossl_x509attr_initialize, -1); + rb_define_copy_func(cX509Attr, ossl_x509attr_initialize_copy); rb_define_method(cX509Attr, "oid=", ossl_x509attr_set_oid, 1); rb_define_method(cX509Attr, "oid", ossl_x509attr_get_oid, 0); rb_define_method(cX509Attr, "value=", ossl_x509attr_set_value, 1); diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index a7e37960e5..ad1126d465 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -456,10 +456,10 @@ static VALUE ossl_x509_get_not_before(VALUE self) { X509 *x509; - ASN1_UTCTIME *asn1time; + const ASN1_TIME *asn1time; GetX509(self, x509); - if (!(asn1time = X509_get_notBefore(x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get0_notBefore(x509))) { ossl_raise(eX509CertError, NULL); } @@ -474,10 +474,15 @@ static VALUE ossl_x509_set_not_before(VALUE self, VALUE time) { X509 *x509; + ASN1_TIME *asn1time; GetX509(self, x509); - if (!ossl_x509_time_adjust(X509_get_notBefore(x509), time)) - ossl_raise(eX509CertError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_set_notBefore(x509, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CertError, "X509_set_notBefore"); + } + ASN1_TIME_free(asn1time); return time; } @@ -490,10 +495,10 @@ static VALUE ossl_x509_get_not_after(VALUE self) { X509 *x509; - ASN1_TIME *asn1time; + const ASN1_TIME *asn1time; GetX509(self, x509); - if (!(asn1time = X509_get_notAfter(x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get0_notAfter(x509))) { ossl_raise(eX509CertError, NULL); } @@ -508,10 +513,15 @@ static VALUE ossl_x509_set_not_after(VALUE self, VALUE time) { X509 *x509; + ASN1_TIME *asn1time; GetX509(self, x509); - if (!ossl_x509_time_adjust(X509_get_notAfter(x509), time)) - ossl_raise(eX509CertError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_set_notAfter(x509, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CertError, "X509_set_notAfter"); + } + ASN1_TIME_free(asn1time); return time; } @@ -667,13 +677,10 @@ ossl_x509_set_extensions(VALUE self, VALUE ary) while ((ext = X509_delete_ext(x509, 0))) X509_EXTENSION_free(ext); for (i=0; ialgorithm)) { BIO_free(out); ossl_raise(eX509CRLError, NULL); @@ -230,17 +230,22 @@ ossl_x509crl_get_last_update(VALUE self) GetX509CRL(self, crl); - return asn1time_to_time(X509_CRL_get_lastUpdate(crl)); + return asn1time_to_time(X509_CRL_get0_lastUpdate(crl)); } static VALUE ossl_x509crl_set_last_update(VALUE self, VALUE time) { X509_CRL *crl; + ASN1_TIME *asn1time; GetX509CRL(self, crl); - if (!ossl_x509_time_adjust(X509_CRL_get_lastUpdate(crl), time)) - ossl_raise(eX509CRLError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_CRL_set_lastUpdate(crl, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate"); + } + ASN1_TIME_free(asn1time); return time; } @@ -252,28 +257,22 @@ ossl_x509crl_get_next_update(VALUE self) GetX509CRL(self, crl); - return asn1time_to_time(X509_CRL_get_nextUpdate(crl)); + return asn1time_to_time(X509_CRL_get0_nextUpdate(crl)); } static VALUE ossl_x509crl_set_next_update(VALUE self, VALUE time) { X509_CRL *crl; - ASN1_TIME *orig, *new; + ASN1_TIME *asn1time; GetX509CRL(self, crl); - /* orig may be NULL at this time; in this case a new ASN1_TIME is created */ - orig = X509_CRL_get_nextUpdate(crl); - new = ossl_x509_time_adjust(orig, time); - - if (!X509_CRL_set_nextUpdate(crl, new)) { - if (!orig) - ASN1_TIME_free(new); - ossl_raise(eX509CRLError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_CRL_set_nextUpdate(crl, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate"); } - /* X509_CRL_set_nextUpdate() dups when orig != new */ - if (!orig) - ASN1_TIME_free(new); + ASN1_TIME_free(asn1time); return time; } @@ -308,6 +307,7 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) { X509_CRL *crl; X509_REVOKED *rev; + STACK_OF(X509_REVOKED) *sk; long i; Check_Type(ary, T_ARRAY); @@ -316,11 +316,15 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Rev); } GetX509CRL(self, crl); - sk_X509_REVOKED_pop_free(X509_CRL_get_REVOKED(crl), X509_REVOKED_free); + if ((sk = X509_CRL_get_REVOKED(crl))) { + while ((rev = sk_X509_REVOKED_pop(sk))) + X509_REVOKED_free(rev); + } for (i=0; i not critical + * call-seq: + * ef.create_ext(ln_or_sn, "value", critical = false) -> X509::Extension + * ef.create_ext(ln_or_sn, "critical,value") -> X509::Extension + * + * Creates a new X509::Extension with passed values. See also x509v3_config(5). */ static VALUE ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self) @@ -258,8 +230,11 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self) GetX509ExtFactory(self, ctx); obj = NewX509Ext(cX509Ext); rconf = rb_iv_get(self, "@config"); - conf = NIL_P(rconf) ? NULL : GetConfigPtr(rconf); + conf = NIL_P(rconf) ? NULL : DupConfigPtr(rconf); + X509V3_set_nconf(ctx, conf); ext = X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr)); + X509V3_set_ctx_nodb(ctx); + NCONF_free(conf); if (!ext){ ossl_raise(eX509ExtError, "%"PRIsVALUE" = %"PRIsVALUE, oid, valstr); } @@ -323,19 +298,40 @@ ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self) return self; } +static VALUE +ossl_x509ext_initialize_copy(VALUE self, VALUE other) +{ + X509_EXTENSION *ext, *ext_other, *ext_new; + + rb_check_frozen(self); + GetX509Ext(self, ext); + SafeGetX509Ext(other, ext_other); + + ext_new = X509_EXTENSION_dup(ext_other); + if (!ext_new) + ossl_raise(eX509ExtError, "X509_EXTENSION_dup"); + + SetX509Ext(self, ext_new); + X509_EXTENSION_free(ext); + + return self; +} + static VALUE ossl_x509ext_set_oid(VALUE self, VALUE oid) { X509_EXTENSION *ext; ASN1_OBJECT *obj; - char *s; - s = StringValueCStr(oid); - obj = OBJ_txt2obj(s, 0); - if(!obj) obj = OBJ_txt2obj(s, 1); - if(!obj) ossl_raise(eX509ExtError, NULL); GetX509Ext(self, ext); - X509_EXTENSION_set_object(ext, obj); + obj = OBJ_txt2obj(StringValueCStr(oid), 0); + if (!obj) + ossl_raise(eX509ExtError, "OBJ_txt2obj"); + if (!X509_EXTENSION_set_object(ext, obj)) { + ASN1_OBJECT_free(obj); + ossl_raise(eX509ExtError, "X509_EXTENSION_set_object"); + } + ASN1_OBJECT_free(obj); return oid; } @@ -346,17 +342,15 @@ ossl_x509ext_set_value(VALUE self, VALUE data) X509_EXTENSION *ext; ASN1_OCTET_STRING *asn1s; + GetX509Ext(self, ext); data = ossl_to_der_if_possible(data); StringValue(data); - if(!(asn1s = ASN1_OCTET_STRING_new())){ - ossl_raise(eX509ExtError, NULL); - } - if(!ASN1_STRING_set((ASN1_STRING *)asn1s, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data))){ - ASN1_OCTET_STRING_free(asn1s); - ossl_raise(eX509ExtError, NULL); + asn1s = X509_EXTENSION_get_data(ext); + + if (!ASN1_OCTET_STRING_set(asn1s, (unsigned char *)RSTRING_PTR(data), + RSTRING_LENINT(data))) { + ossl_raise(eX509ExtError, "ASN1_OCTET_STRING_set"); } - GetX509Ext(self, ext); - X509_EXTENSION_set_data(ext, asn1s); return data; } @@ -447,6 +441,12 @@ ossl_x509ext_to_der(VALUE obj) void Init_ossl_x509ext(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + mX509 = rb_define_module_under(mOSSL, "X509"); +#endif + eX509ExtError = rb_define_class_under(mX509, "ExtensionError", eOSSLError); cX509ExtFactory = rb_define_class_under(mX509, "ExtensionFactory", rb_cObject); @@ -458,18 +458,18 @@ Init_ossl_x509ext(void) rb_attr(cX509ExtFactory, rb_intern("subject_certificate"), 1, 0, Qfalse); rb_attr(cX509ExtFactory, rb_intern("subject_request"), 1, 0, Qfalse); rb_attr(cX509ExtFactory, rb_intern("crl"), 1, 0, Qfalse); - rb_attr(cX509ExtFactory, rb_intern("config"), 1, 0, Qfalse); + rb_attr(cX509ExtFactory, rb_intern("config"), 1, 1, Qfalse); rb_define_method(cX509ExtFactory, "issuer_certificate=", ossl_x509extfactory_set_issuer_cert, 1); rb_define_method(cX509ExtFactory, "subject_certificate=", ossl_x509extfactory_set_subject_cert, 1); rb_define_method(cX509ExtFactory, "subject_request=", ossl_x509extfactory_set_subject_req, 1); rb_define_method(cX509ExtFactory, "crl=", ossl_x509extfactory_set_crl, 1); - rb_define_method(cX509ExtFactory, "config=", ossl_x509extfactory_set_config, 1); rb_define_method(cX509ExtFactory, "create_ext", ossl_x509extfactory_create_ext, -1); cX509Ext = rb_define_class_under(mX509, "Extension", rb_cObject); rb_define_alloc_func(cX509Ext, ossl_x509ext_alloc); rb_define_method(cX509Ext, "initialize", ossl_x509ext_initialize, -1); + rb_define_copy_func(cX509Ext, ossl_x509ext_initialize_copy); rb_define_method(cX509Ext, "oid=", ossl_x509ext_set_oid, 1); rb_define_method(cX509Ext, "value=", ossl_x509ext_set_value, 1); rb_define_method(cX509Ext, "critical=", ossl_x509ext_set_critical, 1); diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c index ff307c0626..abbdc3b11e 100644 --- a/ext/openssl/ossl_x509name.c +++ b/ext/openssl/ossl_x509name.c @@ -181,6 +181,25 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self) return self; } +static VALUE +ossl_x509name_initialize_copy(VALUE self, VALUE other) +{ + X509_NAME *name, *name_other, *name_new; + + rb_check_frozen(self); + GetX509Name(self, name); + SafeGetX509Name(other, name_other); + + name_new = X509_NAME_dup(name_other); + if (!name_new) + ossl_raise(eX509NameError, "X509_NAME_dup"); + + SetX509Name(self, name_new); + X509_NAME_free(name); + + return self; +} + /* * call-seq: * name.add_entry(oid, value [, type]) => self @@ -307,10 +326,7 @@ ossl_x509name_to_a(VALUE self) vname = rb_str_new2(short_name); /*do not free*/ } value = X509_NAME_ENTRY_get_data(entry); - ary = rb_ary_new3(3, - vname, - rb_str_new((const char *)value->data, value->length), - INT2FIX(value->type)); + ary = rb_ary_new3(3, vname, asn1str_to_str(value), INT2NUM(value->type)); rb_ary_push(ret, ary); } return ret; @@ -450,6 +466,12 @@ Init_ossl_x509name(void) { VALUE utf8str, ptrstr, ia5str, hash; +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + mX509 = rb_define_module_under(mOSSL, "X509"); +#endif + id_aref = rb_intern("[]"); eX509NameError = rb_define_class_under(mX509, "NameError", eOSSLError); cX509Name = rb_define_class_under(mX509, "Name", rb_cObject); @@ -458,6 +480,7 @@ Init_ossl_x509name(void) rb_define_alloc_func(cX509Name, ossl_x509name_alloc); rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1); + rb_define_copy_func(cX509Name, ossl_x509name_initialize_copy); rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1); rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, -1); rb_define_method(cX509Name, "to_a", ossl_x509name_to_a, 0); @@ -474,8 +497,7 @@ Init_ossl_x509name(void) ptrstr = INT2NUM(V_ASN1_PRINTABLESTRING); ia5str = INT2NUM(V_ASN1_IA5STRING); - /* Document-const: DEFAULT_OBJECT_TYPE - * + /* * The default object type for name entries. */ rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str); @@ -489,14 +511,12 @@ Init_ossl_x509name(void) rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str); rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str); - /* Document-const: OBJECT_TYPE_TEMPLATE - * + /* * The default object type template for name entries. */ rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash); - /* Document-const: COMPAT - * + /* * A flag for #to_s. * * Breaks the name returned into multiple lines if longer than 80 @@ -504,24 +524,21 @@ Init_ossl_x509name(void) */ rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT)); - /* Document-const: RFC2253 - * + /* * A flag for #to_s. * * Returns an RFC2253 format name. */ rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253)); - /* Document-const: ONELINE - * + /* * A flag for #to_s. * * Returns a more readable format than RFC2253. */ rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE)); - /* Document-const: MULTILINE - * + /* * A flag for #to_s. * * Returns a multiline format. diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c index 9025d4fe28..d2619971d1 100644 --- a/ext/openssl/ossl_x509req.c +++ b/ext/openssl/ossl_x509req.c @@ -250,7 +250,7 @@ ossl_x509req_get_version(VALUE self) GetX509Req(self, req); version = X509_REQ_get_version(req); - return LONG2FIX(version); + return LONG2NUM(version); } static VALUE @@ -259,12 +259,12 @@ ossl_x509req_set_version(VALUE self, VALUE version) X509_REQ *req; long ver; - if ((ver = FIX2LONG(version)) < 0) { + if ((ver = NUM2LONG(version)) < 0) { ossl_raise(eX509ReqError, "version must be >= 0!"); } GetX509Req(self, req); if (!X509_REQ_set_version(req, ver)) { - ossl_raise(eX509ReqError, NULL); + ossl_raise(eX509ReqError, "X509_REQ_set_version"); } return version; @@ -302,7 +302,7 @@ static VALUE ossl_x509req_get_signature_algorithm(VALUE self) { X509_REQ *req; - X509_ALGOR *alg; + const X509_ALGOR *alg; BIO *out; BUF_MEM *buf; VALUE str; @@ -312,7 +312,7 @@ ossl_x509req_get_signature_algorithm(VALUE self) if (!(out = BIO_new(BIO_s_mem()))) { ossl_raise(eX509ReqError, NULL); } - X509_REQ_get0_signature(NULL, &alg, req); + X509_REQ_get0_signature(req, NULL, &alg); if (!i2a_ASN1_OBJECT(out, alg->algorithm)) { BIO_free(out); ossl_raise(eX509ReqError, NULL); @@ -432,7 +432,7 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary) X509_ATTRIBUTE_free(attr); for (i=0;i e - next if /wrap/ =~ name and e.message == 'wrap mode not allowed' - raise + raise unless /wrap/ =~ name and /wrap mode not allowed/ =~ e.message end } end @@ -247,8 +242,81 @@ class OpenSSL::TestCipher < OpenSSL::TestCase end end + def test_aes_gcm_variable_iv_len + pt = "You should all use Authenticated Encryption!" + cipher = OpenSSL::Cipher.new("aes-128-gcm").encrypt + cipher.key = "x" * 16 + assert_equal(12, cipher.iv_len) + cipher.iv = "a" * 12 + ct1 = cipher.update(pt) << cipher.final + tag1 = cipher.auth_tag + + cipher = OpenSSL::Cipher.new("aes-128-gcm").encrypt + cipher.key = "x" * 16 + cipher.iv_len = 10 + assert_equal(10, cipher.iv_len) + cipher.iv = "a" * 10 + ct2 = cipher.update(pt) << cipher.final + tag2 = cipher.auth_tag + + assert_not_equal ct1, ct2 + assert_not_equal tag1, tag2 + + decipher = OpenSSL::Cipher.new("aes-128-gcm").decrypt + decipher.auth_tag = tag1 + decipher.key = "x" * 16 + decipher.iv_len = 12 + decipher.iv = "a" * 12 + assert_equal(pt, decipher.update(ct1) << decipher.final) + + decipher.reset + decipher.auth_tag = tag2 + assert_raise(OpenSSL::Cipher::CipherError) { + decipher.update(ct2) << decipher.final + } + + decipher.reset + decipher.auth_tag = tag2 + decipher.iv_len = 10 + decipher.iv = "a" * 10 + assert_equal(pt, decipher.update(ct2) << decipher.final) + end + end + def test_aes_ocb_tag_len + pt = "You should all use Authenticated Encryption!" + cipher = OpenSSL::Cipher.new("aes-128-ocb").encrypt + cipher.auth_tag_len = 14 + cipher.iv_len = 8 + key = cipher.random_key + iv = cipher.random_iv + cipher.auth_data = "aad" + ct = cipher.update(pt) + cipher.final + tag = cipher.auth_tag + assert_equal(14, tag.size) + + decipher = OpenSSL::Cipher.new("aes-128-ocb").decrypt + decipher.auth_tag_len = 14 + decipher.auth_tag = tag + decipher.iv_len = 8 + decipher.key = key + decipher.iv = iv + decipher.auth_data = "aad" + assert_equal(pt, decipher.update(ct) + decipher.final) + + decipher = OpenSSL::Cipher.new("aes-128-ocb").decrypt + decipher.auth_tag_len = 9 + decipher.auth_tag = tag[0, 9] + decipher.iv_len = 8 + decipher.key = key + decipher.iv = iv + decipher.auth_data = "aad" + assert_raise(OpenSSL::Cipher::CipherError) { + decipher.update(ct) + decipher.final + } + end if has_cipher?("aes-128-ocb") + private def new_encryptor(algo) diff --git a/test/openssl/test_config.rb b/test/openssl/test_config.rb index bedd1d047c..3e2e1273fb 100644 --- a/test/openssl/test_config.rb +++ b/test/openssl/test_config.rb @@ -25,7 +25,7 @@ __EOD__ def test_constants assert(defined?(OpenSSL::Config::DEFAULT_CONFIG_FILE)) config_file = OpenSSL::Config::DEFAULT_CONFIG_FILE - skip "DEFAULT_CONFIG_FILE may return a wrong path on your platforms. [Bug #6830]" unless File.readable?(config_file) + pend "DEFAULT_CONFIG_FILE may return a wrong path on your platforms. [Bug #6830]" unless File.readable?(config_file) assert_nothing_raised do OpenSSL::Config.load(config_file) end diff --git a/test/openssl/test_engine.rb b/test/openssl/test_engine.rb index bbf56a1887..2d394cf797 100644 --- a/test/openssl/test_engine.rb +++ b/test/openssl/test_engine.rb @@ -14,7 +14,7 @@ class OpenSSL::TestEngine < OpenSSL::TestCase def test_openssl_engine_builtin with_openssl <<-'end;' orig = OpenSSL::Engine.engines - skip "'openssl' is already loaded" if orig.any? { |e| e.id == "openssl" } + pend "'openssl' is already loaded" if orig.any? { |e| e.id == "openssl" } engine = OpenSSL::Engine.load("openssl") assert_equal(true, engine) assert_equal(1, OpenSSL::Engine.engines.size - orig.size) @@ -24,7 +24,7 @@ class OpenSSL::TestEngine < OpenSSL::TestCase def test_openssl_engine_by_id_string with_openssl <<-'end;' orig = OpenSSL::Engine.engines - skip "'openssl' is already loaded" if orig.any? { |e| e.id == "openssl" } + pend "'openssl' is already loaded" if orig.any? { |e| e.id == "openssl" } engine = get_engine assert_not_nil(engine) assert_equal(1, OpenSSL::Engine.engines.size - orig.size) @@ -72,11 +72,18 @@ class OpenSSL::TestEngine < OpenSSL::TestCase end; end + def test_dup + with_openssl <<-'end;' + engine = get_engine + assert_raise(NoMethodError) { engine.dup } + end; + end + private # this is required because OpenSSL::Engine methods change global state def with_openssl(code) - assert_separately(["-ropenssl"], <<~"end;") + assert_separately([{ "OSSL_MDEBUG" => nil }, "-ropenssl"], <<~"end;") require #{__FILE__.dump} include OpenSSL::TestEngine::Utils #{code} diff --git a/test/openssl/test_ocsp.rb b/test/openssl/test_ocsp.rb index f3e7c65dca..a69fd60fda 100644 --- a/test/openssl/test_ocsp.rb +++ b/test/openssl/test_ocsp.rb @@ -5,33 +5,47 @@ if defined?(OpenSSL::TestUtils) class OpenSSL::TestOCSP < OpenSSL::TestCase def setup + now = Time.at(Time.now.to_i) # suppress usec + dgst = OpenSSL::Digest::SHA1.new + + # @ca_cert + # | + # @cert + # |----------| + # @cert2 @ocsp_cert + ca_subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA") - ca_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - ca_serial = 0xabcabcabcabc + @ca_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 ca_exts = [ ["basicConstraints", "CA:TRUE", true], ["keyUsage", "cRLSign,keyCertSign", true], ] - - subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCert") - @key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - serial = 0xabcabcabcabd - - now = Time.at(Time.now.to_i) # suppress usec - dgst = OpenSSL::Digest::SHA1.new - @ca_cert = OpenSSL::TestUtils.issue_cert( - ca_subj, ca_key, ca_serial, now, now+3600, ca_exts, nil, nil, dgst) + ca_subj, @ca_key, 1, now, now+3600, ca_exts, nil, nil, dgst) + + cert_subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA2") + @cert_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 + cert_exts = [ + ["basicConstraints", "CA:TRUE", true], + ["keyUsage", "cRLSign,keyCertSign", true], + ] @cert = OpenSSL::TestUtils.issue_cert( - subj, @key, serial, now, now+3600, [], @ca_cert, ca_key, dgst) + cert_subj, @cert_key, 5, now, now+3600, cert_exts, @ca_cert, @ca_key, dgst) - @key2 = OpenSSL::TestUtils::TEST_KEY_RSA2048 + cert2_subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCert") + @cert2_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 cert2_exts = [ - ["extendedKeyUsage", "OCSPSigning", true], ] @cert2 = OpenSSL::TestUtils.issue_cert( - OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCert2"), - @key2, serial+1, now, now+3600, cert2_exts, @ca_cert, ca_key, "SHA256") + cert2_subj, @cert2_key, 10, now, now+3600, cert2_exts, @cert, @cert_key, dgst) + + ocsp_subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCAOCSP") + @ocsp_key = OpenSSL::TestUtils::TEST_KEY_RSA2048 + ocsp_exts = [ + ["extendedKeyUsage", "OCSPSigning", true], + ] + @ocsp_cert = OpenSSL::TestUtils.issue_cert( + ocsp_subj, @ocsp_key, 100, now, now+3600, ocsp_exts, @cert, @cert_key, "SHA256") end def test_new_certificate_id @@ -63,12 +77,13 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase end def test_certificate_id_der - cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert) # hash algorithm defaults to SHA-1 + cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert) der = cid.to_der asn1 = OpenSSL::ASN1.decode(der) + # hash algorithm defaults to SHA-1 assert_equal OpenSSL::ASN1.ObjectId("SHA1").to_der, asn1.value[0].value[0].to_der - assert_equal OpenSSL::Digest::SHA1.digest(@cert.issuer.to_der), asn1.value[1].value - assert_equal OpenSSL::Digest::SHA1.digest(OpenSSL::ASN1.decode(@ca_cert.to_der).value[0].value[6].value[1].value), asn1.value[2].value + assert_equal [cid.issuer_name_hash].pack("H*"), asn1.value[1].value + assert_equal [cid.issuer_key_hash].pack("H*"), asn1.value[2].value assert_equal @cert.serial, asn1.value[3].value assert_equal der, OpenSSL::OCSP::CertificateId.new(der).to_der end @@ -82,7 +97,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase request = OpenSSL::OCSP::Request.new cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) request.add_certid(cid) - request.sign(@cert, @key, [@ca_cert], 0) + request.sign(@cert, @cert_key, [@ca_cert], 0) asn1 = OpenSSL::ASN1.decode(request.to_der) assert_equal cid.to_der, asn1.value[0].value.find { |a| a.tag_class == :UNIVERSAL }.value[0].value[0].to_der assert_equal OpenSSL::ASN1.ObjectId("sha1WithRSAEncryption").to_der, asn1.value[1].value[0].value[0].value[0].to_der @@ -92,40 +107,51 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase end def test_request_sign_verify - request = OpenSSL::OCSP::Request.new - cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) - request.add_certid(cid) - request.sign(@cert, @key, nil, 0, "SHA1") - assert_equal cid.to_der, request.certid.first.to_der - store1 = OpenSSL::X509::Store.new; store1.add_cert(@ca_cert) - assert_equal true, request.verify([@cert], store1) - assert_equal true, request.verify([], store1) - store2 = OpenSSL::X509::Store.new; store1.add_cert(@cert2) - assert_equal false, request.verify([], store2) - assert_equal true, request.verify([], store2, OpenSSL::OCSP::NOVERIFY) + cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert) + store = OpenSSL::X509::Store.new.add_cert(@ca_cert) + + # with signer cert + req = OpenSSL::OCSP::Request.new.add_certid(cid) + req.sign(@cert, @cert_key, []) + assert_equal true, req.verify([], store) + + # without signer cert + req = OpenSSL::OCSP::Request.new.add_certid(cid) + req.sign(@cert, @cert_key, nil) + assert_equal false, req.verify([@cert2], store) + assert_equal false, req.verify([], store) # no signer + assert_equal false, req.verify([], store, OpenSSL::OCSP::NOVERIFY) + + assert_equal true, req.verify([@cert], store, OpenSSL::OCSP::NOINTERN) + ret = req.verify([@cert], store) + if ret || OpenSSL::OPENSSL_VERSION =~ /OpenSSL/ && OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10002000 + assert_equal true, ret + else + # RT2560; OCSP_request_verify() does not find signer cert from 'certs' when + # OCSP_NOINTERN is not specified. + # fixed by OpenSSL 1.0.1j, 1.0.2 and LibreSSL 2.4.2 + pend "RT2560: ocsp_req_find_signer" + end end def test_request_nonce req0 = OpenSSL::OCSP::Request.new - req1 = OpenSSL::OCSP::Request.new - req1.add_nonce("NONCE") - req2 = OpenSSL::OCSP::Request.new - req2.add_nonce("NONCF") + req1 = OpenSSL::OCSP::Request.new.add_nonce("NONCE") + req2 = OpenSSL::OCSP::Request.new.add_nonce("ABCDE") bres = OpenSSL::OCSP::BasicResponse.new assert_equal 2, req0.check_nonce(bres) bres.copy_nonce(req1) + assert_equal 3, req0.check_nonce(bres) assert_equal 1, req1.check_nonce(bres) bres.add_nonce("NONCE") assert_equal 1, req1.check_nonce(bres) assert_equal 0, req2.check_nonce(bres) - assert_equal 3, req0.check_nonce(bres) end def test_request_dup request = OpenSSL::OCSP::Request.new cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) request.add_certid(cid) - request.sign(@cert, @key, nil, 0, "SHA1") assert_equal request.to_der, request.dup.to_der end @@ -134,37 +160,49 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, []) bres.add_nonce("NONCE") - bres.sign(@cert2, @key2, [@ca_cert], 0) + bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0) der = bres.to_der asn1 = OpenSSL::ASN1.decode(der) - assert_equal cid.to_der, asn1.value[0].value.find { |a| a.class == OpenSSL::ASN1::Sequence }.value[0].value[0].to_der - assert_equal OpenSSL::ASN1.Sequence([@cert2, @ca_cert]).to_der, asn1.value[3].value[0].to_der + assert_equal OpenSSL::ASN1.Sequence([@ocsp_cert, @ca_cert]).to_der, asn1.value[3].value[0].to_der assert_equal der, OpenSSL::OCSP::BasicResponse.new(der).to_der rescue TypeError if /GENERALIZEDTIME/ =~ $!.message - skip "OCSP_basic_sign() is broken" + pend "OCSP_basic_sign() is broken" else raise end end def test_basic_response_sign_verify - cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA256.new) + store = OpenSSL::X509::Store.new.add_cert(@ca_cert) + + # signed by CA + bres = OpenSSL::OCSP::BasicResponse.new + cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, "SHA256") + bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, -400, -300, 500, []) + bres.sign(@ca_cert, @ca_key, nil, 0, "SHA256") + assert_equal false, bres.verify([], store) # signer not found + assert_equal true, bres.verify([@ca_cert], store) + bres.sign(@ca_cert, @ca_key, [], 0, "SHA256") + assert_equal true, bres.verify([], store) + + # signed by OCSP signer bres = OpenSSL::OCSP::BasicResponse.new - bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, 500, []) - bres.sign(@cert2, @key2, [], 0, "SHA256") # how can I check the algorithm? - store1 = OpenSSL::X509::Store.new; store1.add_cert(@ca_cert) - assert_equal true, bres.verify([], store1) - store2 = OpenSSL::X509::Store.new; store2.add_cert(@cert) - assert_equal false, bres.verify([], store2) - assert_equal true, bres.verify([], store2, OpenSSL::OCSP::NOVERIFY) + cid = OpenSSL::OCSP::CertificateId.new(@cert2, @cert) + bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, -400, -300, 500, []) + bres.sign(@ocsp_cert, @ocsp_key, [@cert]) + assert_equal true, bres.verify([], store) + assert_equal false, bres.verify([], store, OpenSSL::OCSP::NOCHAIN) + # OpenSSL had a bug on this; test that our workaround works + bres.sign(@ocsp_cert, @ocsp_key, []) + assert_equal true, bres.verify([@cert], store) end def test_basic_response_dup bres = OpenSSL::OCSP::BasicResponse.new cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, []) - bres.sign(@cert2, @key2, [@ca_cert], 0) + bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0) assert_equal bres.to_der, bres.dup.to_der end @@ -172,7 +210,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase bres = OpenSSL::OCSP::BasicResponse.new now = Time.at(Time.now.to_i) cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) - cid2 = OpenSSL::OCSP::CertificateId.new(@cert2, @ca_cert, OpenSSL::Digest::SHA1.new) + cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest::SHA1.new) cid3 = OpenSSL::OCSP::CertificateId.new(@ca_cert, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, now - 400, -300, nil, nil) bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, -300, 500, []) @@ -206,14 +244,14 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase def test_single_response_check_validity bres = OpenSSL::OCSP::BasicResponse.new cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) - cid2 = OpenSSL::OCSP::CertificateId.new(@cert2, @ca_cert, OpenSSL::Digest::SHA1.new) + cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, -50, []) bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, nil, []) bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, Time.now + 100, nil, nil) if bres.responses[2].check_validity # thisUpdate is in future; must fail # LibreSSL bug; skip for now - skip "OCSP_check_validity() is broken" + pend "OCSP_check_validity() is broken" end single1 = bres.responses[0] @@ -226,11 +264,22 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase assert_equal false, single2.check_validity(0, 200) end + def test_response + bres = OpenSSL::OCSP::BasicResponse.new + cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) + bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, []) + bres.sign(@ocsp_cert, @ocsp_key, []) + res = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, bres) + + assert_equal bres.to_der, res.basic.to_der + assert_equal OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, res.status + end + def test_response_der bres = OpenSSL::OCSP::BasicResponse.new cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, []) - bres.sign(@cert2, @key2, [@ca_cert], 0) + bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0) res = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, bres) der = res.to_der asn1 = OpenSSL::ASN1.decode(der) @@ -242,7 +291,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase def test_response_dup bres = OpenSSL::OCSP::BasicResponse.new - bres.sign(@cert2, @key2, [@ca_cert], 0) + bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0) res = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, bres) assert_equal res.to_der, res.dup.to_der end diff --git a/test/openssl/test_pair.rb b/test/openssl/test_pair.rb index d611d0f965..9250222979 100644 --- a/test/openssl/test_pair.rb +++ b/test/openssl/test_pair.rb @@ -4,7 +4,7 @@ require_relative 'utils' if defined?(OpenSSL::TestUtils) require 'socket' -require_relative '../ruby/ut_eof' +require_relative 'ut_eof' module OpenSSL::SSLPairM def server @@ -322,6 +322,16 @@ module OpenSSL::TestPairM } end + def test_partial_tls_record_read_nonblock + ssl_pair { |s1, s2| + # the beginning of a TLS record + s1.io.write("\x17") + # should raise a IO::WaitReadable since a full TLS record is not available + # for reading + assert_raise(IO::WaitReadable) { s2.read_nonblock(1) } + } + end + def tcp_pair host = "127.0.0.1" serv = TCPServer.new(host, 0) @@ -341,7 +351,7 @@ module OpenSSL::TestPairM ctx2.tmp_dh_callback = nil sock1, sock2 = tcp_pair s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) - accepted = s2.accept_nonblock(exception: false) + s2.accept_nonblock(exception: false) ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "DH" @@ -350,16 +360,16 @@ module OpenSSL::TestPairM s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) t = Thread.new { s1.connect } - accept = s2.accept + EnvUtil.suppress_warning { # uses default callback + assert_nothing_raised { s2.accept } + } assert_equal s1, t.value - assert accept ensure t.join if t s1.close if s1 s2.close if s2 sock1.close if sock1 sock2.close if sock2 - accepted.close if accepted.respond_to?(:close) end def test_connect_without_setting_dh_callback @@ -368,7 +378,7 @@ module OpenSSL::TestPairM ctx2.security_level = 0 sock1, sock2 = tcp_pair s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) - accepted = s2.accept_nonblock(exception: false) + s2.accept_nonblock(exception: false) ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "DH" @@ -376,16 +386,16 @@ module OpenSSL::TestPairM s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) t = Thread.new { s1.connect } - accept = s2.accept + EnvUtil.suppress_warning { # default DH + assert_nothing_raised { s2.accept } + } assert_equal s1, t.value - assert accept ensure t.join if t s1.close if s1 s2.close if s2 sock1.close if sock1 sock2.close if sock2 - accepted.close if accepted.respond_to?(:close) end def test_ecdh_callback @@ -422,11 +432,11 @@ module OpenSSL::TestPairM end until rv == s1 end - accepted = s2.accept + s2.accept assert called, 'ecdh callback should be called' rescue OpenSSL::SSL::SSLError => e if e.message =~ /no cipher match/ - skip "ECDH cipher not supported." + pend "ECDH cipher not supported." else raise e end @@ -447,7 +457,7 @@ module OpenSSL::TestPairM begin ctx1.ciphers = "ECDH" rescue OpenSSL::SSL::SSLError - skip "ECDH is not enabled in this OpenSSL" if $!.message =~ /no cipher match/ + pend "ECDH is not enabled in this OpenSSL" if $!.message =~ /no cipher match/ raise end ctx1.ecdh_curves = "P-384:P-521" diff --git a/test/openssl/test_partial_record_read.rb b/test/openssl/test_partial_record_read.rb deleted file mode 100644 index 71e644a039..0000000000 --- a/test/openssl/test_partial_record_read.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: false -require_relative "utils" - -if defined?(OpenSSL::TestUtils) - - class OpenSSL::TestPartialRecordRead < OpenSSL::SSLTestCase - def test_partial_tls_record_read_nonblock - start_server(OpenSSL::SSL::VERIFY_NONE, true, :server_proc => - Proc.new do |server_ctx, server_ssl| - begin - server_ssl.io.write("\x01") # the beginning of a TLS record - sleep 6 # do not finish prematurely before the read by the client is attempted - ensure - server_ssl.close - end - end - ) do |server, port| - sock = TCPSocket.new("127.0.0.1", port) - ssl = OpenSSL::SSL::SSLSocket.new(sock) - ssl.sync_close = true - begin - ssl.connect - sleep 3 # wait is required for the (incomplete) TLS record to arrive at the client socket - - # Should raise a IO::WaitReadable since a full TLS record is not available for reading. - assert_raise(IO::WaitReadable) { ssl.read_nonblock(1) } - ensure - ssl.close - end - end - end - - end - -end diff --git a/test/openssl/test_pkcs12.rb b/test/openssl/test_pkcs12.rb index 61fb447473..7ab501c480 100644 --- a/test/openssl/test_pkcs12.rb +++ b/test/openssl/test_pkcs12.rb @@ -180,6 +180,11 @@ Li8JsX5yIiuVYaBg/6ha3tOg4TCa5K/3r3tVliRZ2Es= end end + def test_dup + p12 = OpenSSL::PKCS12.create("pass", "name", TEST_KEY_RSA1024, @mycert) + assert_equal p12.to_der, p12.dup.to_der + end + private def assert_cert expected, actual [ diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb new file mode 100644 index 0000000000..79647c8f1d --- /dev/null +++ b/test/openssl/test_pkey.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: false +require_relative "utils" + +if defined?(OpenSSL::TestUtils) + +class OpenSSL::TestPKey < OpenSSL::PKeyTestCase + PKEYS = { + OpenSSL::PKey::RSA => { + key: OpenSSL::TestUtils::TEST_KEY_RSA1024, + digest: OpenSSL::Digest::SHA1, + }, + OpenSSL::PKey::DSA => { + key: OpenSSL::TestUtils::TEST_KEY_DSA512, + digest: OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST, + }, + } + if defined?(OpenSSL::PKey::EC) + PKEYS[OpenSSL::PKey::EC] = { + key: OpenSSL::TestUtils::TEST_KEY_EC_P256V1, + digest: OpenSSL::Digest::SHA1, + } + end + + def test_sign_verify + data = "Sign me!" + invalid_data = "Sign me?" + PKEYS.each do |klass, prop| + key = prop[:key] + pub_key = dup_public(prop[:key]) + digest = prop[:digest].new + signature = key.sign(digest, data) + assert_equal(true, pub_key.verify(digest, signature, data)) + assert_equal(false, pub_key.verify(digest, signature, invalid_data)) + # digest state is irrelevant + digest << "unya" + assert_equal(true, pub_key.verify(digest, signature, data)) + assert_equal(false, pub_key.verify(digest, signature, invalid_data)) + + if OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000 + digest = OpenSSL::Digest::SHA256.new + signature = key.sign(digest, data) + assert_equal(true, pub_key.verify(digest, signature, data)) + assert_equal(false, pub_key.verify(digest, signature, invalid_data)) + end + end + end +end + +end diff --git a/test/openssl/test_pkey_dh.rb b/test/openssl/test_pkey_dh.rb index 4d84f7ad49..470c952e21 100644 --- a/test/openssl/test_pkey_dh.rb +++ b/test/openssl/test_pkey_dh.rb @@ -3,33 +3,25 @@ require_relative 'utils' if defined?(OpenSSL::TestUtils) -class OpenSSL::TestPKeyDH < OpenSSL::TestCase +class OpenSSL::TestPKeyDH < OpenSSL::PKeyTestCase + DH1024 = OpenSSL::TestUtils::TEST_KEY_DH1024 NEW_KEYLEN = 256 - def test_DEFAULT_1024 - params = <<-eop ------BEGIN DH PARAMETERS----- -MIGHAoGBAJ0lOVy0VIr/JebWn0zDwY2h+rqITFOpdNr6ugsgvkDXuucdcChhYExJ -AV/ZD2AWPbrTqV76mGRgJg4EddgT1zG0jq3rnFdMj2XzkBYx3BVvfR0Arnby0RHR -T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC ------END DH PARAMETERS----- - eop - assert_equal params, OpenSSL::PKey::DH::DEFAULT_1024.to_s - end - - def test_DEFAULT_2048 - params = <<-eop ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY -JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab -VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6 -YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 -1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD -7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg== ------END DH PARAMETERS----- - eop - assert_equal params, OpenSSL::PKey::DH::DEFAULT_2048.to_s + def test_DEFAULT_parameters + list = { + 1024 => OpenSSL::PKey::DH::DEFAULT_1024, + 2048 => OpenSSL::PKey::DH::DEFAULT_2048, + } + + list.each do |expected_size, dh| + assert_equal expected_size, dh.p.num_bits + assert_predicate dh.p, :prime? + result, remainder = (dh.p - 1) / 2 + assert_predicate result, :prime? + assert_equal 0, remainder + assert_no_key dh + end end def test_new @@ -44,20 +36,26 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 end end - def test_to_der - dh = OpenSSL::TestUtils::TEST_KEY_DH1024 - der = dh.to_der - dh2 = OpenSSL::PKey::DH.new(der) - assert_equal_params(dh, dh2) - assert_no_key(dh2) - end - - def test_to_pem - dh = OpenSSL::TestUtils::TEST_KEY_DH1024 - pem = dh.to_pem - dh2 = OpenSSL::PKey::DH.new(pem) - assert_equal_params(dh, dh2) - assert_no_key(dh2) + def test_DHparams + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(DH1024.p), + OpenSSL::ASN1::Integer(DH1024.g) + ]) + key = OpenSSL::PKey::DH.new(asn1.to_der) + assert_same_dh dup_public(DH1024), key + + pem = <<~EOF + -----BEGIN DH PARAMETERS----- + MIGHAoGBAKnKQ8MNK6nYZzLrrcuTsLxuiJGXoOO5gT+tljOTbHBuiktdMTITzIY0 + pFxIvjG05D7HoBZQfrR0c92NGWPkAiCkhQKB8JCbPVzwNLDy6DZ0pmofDKrEsYHG + AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC + -----END DH PARAMETERS----- + EOF + key = OpenSSL::PKey::DH.new(pem) + assert_same_dh dup_public(DH1024), key + + assert_equal asn1.to_der, DH1024.to_der + assert_equal pem, DH1024.export end def test_public_key @@ -113,6 +111,10 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 assert(dh.pub_key) assert(dh.priv_key) end + + def assert_same_dh(expected, key) + check_component(expected, key, [:p, :q, :g, :pub_key, :priv_key]) + end end end diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb index 9c29c034d0..d0ba8ec0f0 100644 --- a/test/openssl/test_pkey_dsa.rb +++ b/test/openssl/test_pkey_dsa.rb @@ -4,7 +4,9 @@ require 'base64' if defined?(OpenSSL::TestUtils) -class OpenSSL::TestPKeyDSA < OpenSSL::TestCase +class OpenSSL::TestPKeyDSA < OpenSSL::PKeyTestCase + DSA512 = OpenSSL::TestUtils::TEST_KEY_DSA512 + def test_private key = OpenSSL::PKey::DSA.new(256) assert(key.private?) @@ -20,6 +22,11 @@ class OpenSSL::TestPKeyDSA < OpenSSL::TestCase key = OpenSSL::PKey::DSA.new 256 pem = key.public_key.to_pem OpenSSL::PKey::DSA.new pem + if $0 == __FILE__ + assert_nothing_raised { + key = OpenSSL::PKey::DSA.new 2048 + } + end end def test_new_break @@ -37,55 +44,102 @@ class OpenSSL::TestPKeyDSA < OpenSSL::TestCase assert(key.sysverify(digest, sig)) end - def test_sign_verify - check_sign_verify(OpenSSL::Digest::DSS1.new) - end if defined?(OpenSSL::Digest::DSS1) - -if (OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000) - def test_sign_verify_sha1 - check_sign_verify(OpenSSL::Digest::SHA1.new) - end - - def test_sign_verify_sha256 - check_sign_verify(OpenSSL::Digest::SHA256.new) - end -end - - def test_digest_state_irrelevant_verify - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - digest1 = OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new - digest2 = OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new - data = 'Sign me!' - sig = key.sign(digest1, data) - digest1.reset - digest1 << 'Change state of digest1' - assert(key.verify(digest1, sig, data)) - assert(key.verify(digest2, sig, data)) - end + def test_DSAPrivateKey + # OpenSSL DSAPrivateKey format; similar to RSAPrivateKey + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(0), + OpenSSL::ASN1::Integer(DSA512.p), + OpenSSL::ASN1::Integer(DSA512.q), + OpenSSL::ASN1::Integer(DSA512.g), + OpenSSL::ASN1::Integer(DSA512.pub_key), + OpenSSL::ASN1::Integer(DSA512.priv_key) + ]) + key = OpenSSL::PKey::DSA.new(asn1.to_der) + assert_predicate key, :private? + assert_same_dsa DSA512, key + + pem = <<~EOF + -----BEGIN DSA PRIVATE KEY----- + MIH4AgEAAkEA5lB4GvEwjrsMlGDqGsxrbqeFRh6o9OWt6FgTYiEEHaOYhkIxv0Ok + RZPDNwOG997mDjBnvDJ1i56OmS3MbTnovwIVAJgub/aDrSDB4DZGH7UyarcaGy6D + AkB9HdFw/3td8K4l1FZHv7TCZeJ3ZLb7dF3TWoGUP003RCqoji3/lHdKoVdTQNuR + S/m6DlCwhjRjiQ/lBRgCLCcaAkEAjN891JBjzpMj4bWgsACmMggFf57DS0Ti+5++ + Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S + 55jreJD3Se3slps= + -----END DSA PRIVATE KEY----- + EOF + key = OpenSSL::PKey::DSA.new(pem) + assert_same_dsa DSA512, key + + assert_equal asn1.to_der, DSA512.to_der + assert_equal pem, DSA512.export + end + + def test_DSAPrivateKey_encrypted + # key = abcdef + pem = <<~EOF + -----BEGIN DSA PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: AES-128-CBC,F8BB7BFC7EAB9118AC2E3DA16C8DB1D9 + + D2sIzsM9MLXBtlF4RW42u2GB9gX3HQ3prtVIjWPLaKBYoToRUiv8WKsjptfZuLSB + 74ZPdMS7VITM+W1HIxo/tjS80348Cwc9ou8H/E6WGat8ZUk/igLOUEII+coQS6qw + QpuLMcCIavevX0gjdjEIkojBB81TYDofA1Bp1z1zDI/2Zhw822xapI79ZF7Rmywt + OSyWzFaGipgDpdFsGzvT6//z0jMr0AuJVcZ0VJ5lyPGQZAeVBlbYEI4T72cC5Cz7 + XvLiaUtum6/sASD2PQqdDNpgx/WA6Vs1Po2kIUQIM5TIwyJI0GdykZcYm6xIK/ta + Wgx6c8K+qBAIVrilw3EWxw== + -----END DSA PRIVATE KEY----- + EOF + key = OpenSSL::PKey::DSA.new(pem, "abcdef") + assert_same_dsa DSA512, key + key = OpenSSL::PKey::DSA.new(pem) { "abcdef" } + assert_same_dsa DSA512, key + + cipher = OpenSSL::Cipher.new("aes-128-cbc") + exported = DSA512.to_pem(cipher, "abcdef\0\1") + assert_same_dsa DSA512, OpenSSL::PKey::DSA.new(exported, "abcdef\0\1") + assert_raise(OpenSSL::PKey::DSAError) { + OpenSSL::PKey::DSA.new(exported, "abcdef") + } + end + + def test_PUBKEY + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::ObjectId("DSA"), + OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(DSA512.p), + OpenSSL::ASN1::Integer(DSA512.q), + OpenSSL::ASN1::Integer(DSA512.g) + ]) + ]), + OpenSSL::ASN1::BitString( + OpenSSL::ASN1::Integer(DSA512.pub_key).to_der + ) + ]) + key = OpenSSL::PKey::DSA.new(asn1.to_der) + assert_not_predicate key, :private? + assert_same_dsa dup_public(DSA512), key + + pem = <<~EOF + -----BEGIN PUBLIC KEY----- + MIHxMIGoBgcqhkjOOAQBMIGcAkEA5lB4GvEwjrsMlGDqGsxrbqeFRh6o9OWt6FgT + YiEEHaOYhkIxv0OkRZPDNwOG997mDjBnvDJ1i56OmS3MbTnovwIVAJgub/aDrSDB + 4DZGH7UyarcaGy6DAkB9HdFw/3td8K4l1FZHv7TCZeJ3ZLb7dF3TWoGUP003RCqo + ji3/lHdKoVdTQNuRS/m6DlCwhjRjiQ/lBRgCLCcaA0QAAkEAjN891JBjzpMj4bWg + sACmMggFf57DS0Ti+5++Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxX + oXi9OA== + -----END PUBLIC KEY----- + EOF + key = OpenSSL::PKey::DSA.new(pem) + assert_same_dsa dup_public(DSA512), key - def test_read_DSA_PUBKEY - p = 7188211954100152441468596248707152960171255279130004340103875772401008316444412091945435731597638374542374929457672178957081124632837356913990200866056699 - q = 957032439192465935099784319494405376402293318491 - g = 122928973717064636255205666162891733518376475981809749897454444301389338825906076467196186192907631719698166056821519884939865041993585844526937010746285 - y = 1235756183583465414789073313502727057075641172514181938731172021825149551960029708596057102104063395063907739571546165975727369183495540798749742124846271 - algo = OpenSSL::ASN1::ObjectId.new('DSA') - params = OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::Integer.new(p), - OpenSSL::ASN1::Integer.new(q), - OpenSSL::ASN1::Integer.new(g)]) - algo_id = OpenSSL::ASN1::Sequence.new ([algo, params]) - pub_key = OpenSSL::ASN1::Integer.new(y) - seq = OpenSSL::ASN1::Sequence.new([algo_id, OpenSSL::ASN1::BitString.new(pub_key.to_der)]) - key = OpenSSL::PKey::DSA.new(seq.to_der) - assert(key.public?) - assert(!key.private?) - assert_equal(p, key.p) - assert_equal(q, key.q) - assert_equal(g, key.g) - assert_equal(y, key.pub_key) - assert_equal(nil, key.priv_key) + assert_equal asn1.to_der, dup_public(DSA512).to_der + assert_equal pem, dup_public(DSA512).export end def test_read_DSAPublicKey_pem + # TODO: where is the standard? PKey::DSA.new can read only PEM p = 12260055936871293565827712385212529106400444521449663325576634579961635627321079536132296996623400607469624537382977152381984332395192110731059176842635699 q = 979494906553787301107832405790107343409973851677 g = 3731695366899846297271147240305742456317979984190506040697507048095553842519347835107669437969086119948785140453492839427038591924536131566350847469993845 @@ -109,127 +163,6 @@ fWLOqqkzFeRrYMDzUpl36XktY6Yq8EJYlW9pCMmBVNy/dQ== assert_equal(nil, key.priv_key) end - def test_read_DSA_PUBKEY_pem - p = 12260055936871293565827712385212529106400444521449663325576634579961635627321079536132296996623400607469624537382977152381984332395192110731059176842635699 - q = 979494906553787301107832405790107343409973851677 - g = 3731695366899846297271147240305742456317979984190506040697507048095553842519347835107669437969086119948785140453492839427038591924536131566350847469993845 - y = 10505239074982761504240823422422813362721498896040719759460296306305851824586095328615844661273887569281276387605297130014564808567159023649684010036304695 - pem = <<-EOF ------BEGIN PUBLIC KEY----- -MIHxMIGoBgcqhkjOOAQBMIGcAkEA6hXntfQXEo78+s1r8yShbOQIpX+HOESnTNsV -2yJzD6EiMntLpJ38WUOWjz0dBnYW69YnrAYszWPTSvf34XapswIVAKuSEhdIb6Kz -fuHPUhoF4S52MHYdAkBHQCWhq8G+2yeDyhuyMtvsQqcH6lJ4ev8F0hDdUft9Ys6q -qTMV5GtgwPNSmXfpeS1jpirwQliVb2kIyYFU3L91A0QAAkEAyJSJ+g+P/knVcgDw -wTzC7Pwg/pWs2EMd/r+lYlXhNfzg0biuXRul8VR4VUC/phySExY0PdcqItkR/xYA -YNMbNw== ------END PUBLIC KEY----- - EOF - key = OpenSSL::PKey::DSA.new(pem) - assert(key.public?) - assert(!key.private?) - assert_equal(p, key.p) - assert_equal(q, key.q) - assert_equal(g, key.g) - assert_equal(y, key.pub_key) - assert_equal(nil, key.priv_key) - end - - def test_export_format_is_DSA_PUBKEY_pem - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - pem = key.public_key.to_pem - pem.gsub!(/^-+(\w|\s)+-+$/, "") # eliminate --------BEGIN...------- - asn1 = OpenSSL::ASN1.decode(Base64.decode64(pem)) - assert_equal(OpenSSL::ASN1::SEQUENCE, asn1.tag) - assert_equal(2, asn1.value.size) - seq = asn1.value - assert_equal(OpenSSL::ASN1::SEQUENCE, seq[0].tag) - assert_equal(2, seq[0].value.size) - algo_id = seq[0].value - assert_equal(OpenSSL::ASN1::OBJECT, algo_id[0].tag) - assert_equal('DSA', algo_id[0].value) - assert_equal(OpenSSL::ASN1::SEQUENCE, algo_id[1].tag) - assert_equal(3, algo_id[1].value.size) - params = algo_id[1].value - assert_equal(OpenSSL::ASN1::INTEGER, params[0].tag) - assert_equal(key.p, params[0].value) - assert_equal(OpenSSL::ASN1::INTEGER, params[1].tag) - assert_equal(key.q, params[1].value) - assert_equal(OpenSSL::ASN1::INTEGER, params[2].tag) - assert_equal(key.g, params[2].value) - assert_equal(OpenSSL::ASN1::BIT_STRING, seq[1].tag) - assert_equal(0, seq[1].unused_bits) - pub_key = OpenSSL::ASN1.decode(seq[1].value) - assert_equal(OpenSSL::ASN1::INTEGER, pub_key.tag) - assert_equal(key.pub_key, pub_key.value) - end - - def test_read_private_key_der - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - der = key.to_der - key2 = OpenSSL::PKey.read(der) - assert(key2.private?) - assert_equal(der, key2.to_der) - end - - def test_read_private_key_pem - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - pem = key.to_pem - key2 = OpenSSL::PKey.read(pem) - assert(key2.private?) - assert_equal(pem, key2.to_pem) - end - - def test_read_public_key_der - key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key - der = key.to_der - key2 = OpenSSL::PKey.read(der) - assert(!key2.private?) - assert_equal(der, key2.to_der) - end - - def test_read_public_key_pem - key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key - pem = key.to_pem - key2 = OpenSSL::PKey.read(pem) - assert(!key2.private?) - assert_equal(pem, key2.to_pem) - end - - def test_read_private_key_pem_pw - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - pem = key.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret') - #callback form for password - key2 = OpenSSL::PKey.read(pem) do - 'secret' - end - assert(key2.private?) - # pass password directly - key2 = OpenSSL::PKey.read(pem, 'secret') - assert(key2.private?) - #omit pem equality check, will be different due to cipher iv - end - - def test_export_password_length - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - assert_raise(OpenSSL::OpenSSLError) do - key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec') - end - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr') - assert(pem) - end - - def test_export_password_funny - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd") - assert_raise(ArgumentError) do - OpenSSL::PKey.read(pem, "pass") - end - key2 = OpenSSL::PKey.read(pem, "pass\0wd") - assert(key2.private?) - key3 = OpenSSL::PKey::DSA.new(pem, "pass\0wd") - assert(key3.private?) - end - def test_dup key = OpenSSL::PKey::DSA.new(256) key2 = key.dup @@ -239,12 +172,8 @@ YNMbNw== end private - - def check_sign_verify(digest) - key = OpenSSL::TestUtils::TEST_KEY_DSA256 - data = 'Sign me!' - sig = key.sign(digest, data) - assert(key.verify(digest, sig, data)) + def assert_same_dsa(expected, key) + check_component(expected, key, [:p, :q, :g, :pub_key, :priv_key]) end end diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb index 4498b2b8b3..53aa5a10f6 100644 --- a/test/openssl/test_pkey_ec.rb +++ b/test/openssl/test_pkey_ec.rb @@ -3,64 +3,46 @@ require_relative 'utils' if defined?(OpenSSL::TestUtils) && defined?(OpenSSL::PKey::EC) -class OpenSSL::TestEC < OpenSSL::TestCase - def setup - @data1 = 'foo' - @data2 = 'bar' * 1000 # data too long for DSA sig +class OpenSSL::TestEC < OpenSSL::PKeyTestCase + P256 = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - @groups = [] - @keys = [] + def test_ec_key + builtin_curves = OpenSSL::PKey::EC.builtin_curves + assert_not_empty builtin_curves - OpenSSL::PKey::EC.builtin_curves.each do |curve, comment| - group = OpenSSL::PKey::EC::Group.new(curve) + builtin_curves.each do |curve_name, comment| + # Oakley curves and X25519 are not suitable for signing and causes + # FIPS-selftest failure on some environment, so skip for now. + next if ["Oakley", "X25519"].any? { |n| curve_name.start_with?(n) } - # Oakley curves and X25519 are not suitable for signing - next if ["Oakley", "X25519"].any? { |n| curve.start_with?(n) } - - key = OpenSSL::PKey::EC.new(group) + key = OpenSSL::PKey::EC.new(curve_name) key.generate_key! - @groups << group - @keys << key + assert_predicate key, :private? + assert_predicate key, :public? + assert_nothing_raised { key.check_key } end - end - - def test_dup - key = OpenSSL::PKey::EC.new("prime256v1") - key.generate_key! - key2 = key.dup - assert_equal key.to_der, key2.to_der - key_tmp = OpenSSL::PKey::EC.new("prime256v1").generate_key! - key2.private_key = key_tmp.private_key - key2.public_key = key_tmp.public_key - assert_not_equal key.to_der, key2.to_der - group = key.group - group2 = group.dup - assert_equal group.to_der, group2.to_der - group2.asn1_flag ^= OpenSSL::PKey::EC::NAMED_CURVE - assert_not_equal group.to_der, group2.to_der + key1 = OpenSSL::PKey::EC.new("prime256v1").generate_key! - point = key.public_key - point2 = point.dup - assert_equal point.to_bn, point2.to_bn - point2.invert! - assert_not_equal point.to_bn, point2.to_bn - end + key2 = OpenSSL::PKey::EC.new + key2.group = key1.group + key2.private_key = key1.private_key + key2.public_key = key1.public_key + assert_equal key1.to_der, key2.to_der - def compare_keys(k1, k2) - assert_equal(k1.to_pem, k2.to_pem) - end + key3 = OpenSSL::PKey::EC.new(key1) + assert_equal key1.to_der, key3.to_der - def test_builtin_curves - assert(!OpenSSL::PKey::EC.builtin_curves.empty?) - end + key4 = OpenSSL::PKey::EC.new(key1.to_der) + assert_equal key1.to_der, key4.to_der - def test_curve_names - @groups.each_with_index do |group, idx| - key = @keys[idx] - assert_equal(group.curve_name, key.group.curve_name) - end + key5 = key1.dup + assert_equal key1.to_der, key5.to_der + key_tmp = OpenSSL::PKey::EC.new("prime256v1").generate_key! + key5.private_key = key_tmp.private_key + key5.public_key = key_tmp.public_key + assert_not_equal key1.to_der, key5.to_der end def test_generate @@ -73,173 +55,206 @@ class OpenSSL::TestEC < OpenSSL::TestCase end def test_check_key - for key in @keys - assert_equal(true, key.check_key) - assert_equal(true, key.private?) - assert_equal(true, key.public?) - key2 = OpenSSL::PKey::EC.new(key.group) - assert_equal(false, key2.private?) - assert_equal(false, key2.public?) - key2.public_key = key.public_key - assert_equal(false, key2.private?) - assert_equal(true, key2.public?) - key2.private_key = key.private_key - assert_equal(true, key2.private?) - assert_equal(true, key2.public?) - assert_equal(true, key2.check_key) - key2.private_key += 1 - assert_raise(OpenSSL::PKey::ECError) { key2.check_key } - end - end - - def test_group_encoding - for group in @groups - for meth in [:to_der, :to_pem] - txt = group.send(meth) - gr = OpenSSL::PKey::EC::Group.new(txt) - - assert_equal(txt, gr.send(meth)) - - assert_equal(group.generator.to_bn, gr.generator.to_bn) - assert_equal(group.cofactor, gr.cofactor) - assert_equal(group.order, gr.order) - assert_equal(group.seed, gr.seed) - assert_equal(group.degree, gr.degree) - end - end - end - - def test_key_encoding - for key in @keys - group = key.group - - for meth in [:to_der, :to_pem] - txt = key.send(meth) - assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth)) - end - - bn = key.public_key.to_bn - assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn) - end - end - - def test_set_keys - for key in @keys - k = OpenSSL::PKey::EC.new - k.group = key.group - k.private_key = key.private_key - k.public_key = key.public_key - - compare_keys(key, k) - end + key = OpenSSL::PKey::EC.new("prime256v1").generate_key! + assert_equal(true, key.check_key) + assert_equal(true, key.private?) + assert_equal(true, key.public?) + key2 = OpenSSL::PKey::EC.new(key.group) + assert_equal(false, key2.private?) + assert_equal(false, key2.public?) + key2.public_key = key.public_key + assert_equal(false, key2.private?) + assert_equal(true, key2.public?) + key2.private_key = key.private_key + assert_equal(true, key2.private?) + assert_equal(true, key2.public?) + assert_equal(true, key2.check_key) + key2.private_key += 1 + assert_raise(OpenSSL::PKey::ECError) { key2.check_key } end def test_dsa_sign_verify - for key in @keys - sig = key.dsa_sign_asn1(@data1) - assert(key.dsa_verify_asn1(@data1, sig)) - end + data1 = "foo" + data2 = "bar" + key = OpenSSL::PKey::EC.new("prime256v1").generate_key! + sig = key.dsa_sign_asn1(data1) + assert_equal true, key.dsa_verify_asn1(data1, sig) + assert_equal false, key.dsa_verify_asn1(data2, sig) end def test_dsa_sign_asn1_FIPS186_3 - for key in @keys - size = key.group.order.num_bits / 8 + 1 - dgst = (1..size).to_a.pack('C*') - begin - sig = key.dsa_sign_asn1(dgst) - # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m - assert(key.dsa_verify_asn1(dgst + "garbage", sig)) - rescue OpenSSL::PKey::ECError => e - # just an exception for longer dgst before openssl-0.9.8m - assert_equal('ECDSA_sign: data too large for key size', e.message) - # no need to do following tests - return - end + key = OpenSSL::PKey::EC.new("prime256v1").generate_key! + size = key.group.order.num_bits / 8 + 1 + dgst = (1..size).to_a.pack('C*') + begin + sig = key.dsa_sign_asn1(dgst) + # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m + assert(key.dsa_verify_asn1(dgst + "garbage", sig)) + rescue OpenSSL::PKey::ECError => e + # just an exception for longer dgst before openssl-0.9.8m + assert_equal('ECDSA_sign: data too large for key size', e.message) + # no need to do following tests + return end end def test_dh_compute_key - for key in @keys - k = OpenSSL::PKey::EC.new(key.group) - k.generate_key! - - puba = key.public_key - pubb = k.public_key - a = key.dh_compute_key(pubb) - b = k.dh_compute_key(puba) - assert_equal(a, b) - end + key_a = OpenSSL::PKey::EC.new("prime256v1").generate_key! + key_b = OpenSSL::PKey::EC.new(key_a.group).generate_key! + + pub_a = key_a.public_key + pub_b = key_b.public_key + a = key_a.dh_compute_key(pub_b) + b = key_b.dh_compute_key(pub_a) + assert_equal a, b end - def test_read_private_key_der - ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - der = ec.to_der - ec2 = OpenSSL::PKey.read(der) - assert(ec2.private_key?) - assert_equal(der, ec2.to_der) + def test_ECPrivateKey + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(1), + OpenSSL::ASN1::OctetString(P256.private_key.to_s(2)), + OpenSSL::ASN1::ASN1Data.new( + [OpenSSL::ASN1::ObjectId("prime256v1")], + 0, :CONTEXT_SPECIFIC + ), + OpenSSL::ASN1::ASN1Data.new( + [OpenSSL::ASN1::BitString(P256.public_key.to_bn.to_s(2))], + 1, :CONTEXT_SPECIFIC + ) + ]) + key = OpenSSL::PKey::EC.new(asn1.to_der) + assert_predicate key, :private? + assert_same_ec P256, key + + pem = <<~EOF + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIID49FDqcf1O1eO8saTgG70UbXQw9Fqwseliit2aWhH1oAoGCCqGSM49 + AwEHoUQDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7lSZ/ArK41eGy5wAzU/0G51Xtt + CeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg== + -----END EC PRIVATE KEY----- + EOF + key = OpenSSL::PKey::EC.new(pem) + assert_same_ec P256, key + + assert_equal asn1.to_der, P256.to_der + assert_equal pem, P256.export end - def test_read_private_key_pem - ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - pem = ec.to_pem - ec2 = OpenSSL::PKey.read(pem) - assert(ec2.private_key?) - assert_equal(pem, ec2.to_pem) + def test_ECPrivateKey_encrypted + # key = abcdef + pem = <<~EOF + -----BEGIN EC PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: AES-128-CBC,85743EB6FAC9EA76BF99D9328AFD1A66 + + nhsP1NHxb53aeZdzUe9umKKyr+OIwQq67eP0ONM6E1vFTIcjkDcFLR6PhPFufF4m + y7E2HF+9uT1KPQhlE+D63i1m1Mvez6PWfNM34iOQp2vEhaoHHKlR3c43lLyzaZDI + 0/dGSU5SzFG+iT9iFXCwCvv+bxyegkBOyALFje1NAsM= + -----END EC PRIVATE KEY----- + EOF + key = OpenSSL::PKey::EC.new(pem, "abcdef") + assert_same_ec P256, key + key = OpenSSL::PKey::EC.new(pem) { "abcdef" } + assert_same_ec P256, key + + cipher = OpenSSL::Cipher.new("aes-128-cbc") + exported = P256.to_pem(cipher, "abcdef\0\1") + assert_same_ec P256, OpenSSL::PKey::EC.new(exported, "abcdef\0\1") + assert_raise(OpenSSL::PKey::ECError) { + OpenSSL::PKey::EC.new(exported, "abcdef") + } end - def test_read_public_key_der - ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - ec2 = OpenSSL::PKey::EC.new(ec.group) - ec2.public_key = ec.public_key - der = ec2.to_der - ec3 = OpenSSL::PKey.read(der) - assert(!ec3.private_key?) - assert_equal(der, ec3.to_der) + def test_PUBKEY + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::ObjectId("id-ecPublicKey"), + OpenSSL::ASN1::ObjectId("prime256v1") + ]), + OpenSSL::ASN1::BitString( + P256.public_key.to_bn.to_s(2) + ) + ]) + key = OpenSSL::PKey::EC.new(asn1.to_der) + assert_not_predicate key, :private? + assert_same_ec dup_public(P256), key + + pem = <<~EOF + -----BEGIN PUBLIC KEY----- + MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7l + SZ/ArK41eGy5wAzU/0G51XttCeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg== + -----END PUBLIC KEY----- + EOF + key = OpenSSL::PKey::EC.new(pem) + assert_same_ec dup_public(P256), key + + assert_equal asn1.to_der, dup_public(P256).to_der + assert_equal pem, dup_public(P256).export end - def test_read_public_key_pem - ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - ec2 = OpenSSL::PKey::EC.new(ec.group) - ec2.public_key = ec.public_key - pem = ec2.to_pem - ec3 = OpenSSL::PKey.read(pem) - assert(!ec3.private_key?) - assert_equal(pem, ec3.to_pem) + def test_ec_group + group1 = OpenSSL::PKey::EC::Group.new("prime256v1") + key1 = OpenSSL::PKey::EC.new(group1) + assert_equal group1, key1.group + + group2 = OpenSSL::PKey::EC::Group.new(group1) + assert_equal group1.to_der, group2.to_der + assert_equal group1, group2 + group2.asn1_flag ^=OpenSSL::PKey::EC::NAMED_CURVE + assert_not_equal group1.to_der, group2.to_der + assert_equal group1, group2 + + group3 = group1.dup + assert_equal group1.to_der, group3.to_der + + assert group1.asn1_flag & OpenSSL::PKey::EC::NAMED_CURVE # our default + der = group1.to_der + group4 = OpenSSL::PKey::EC::Group.new(der) + group1.point_conversion_form = group4.point_conversion_form = :uncompressed + assert_equal :uncompressed, group1.point_conversion_form + assert_equal :uncompressed, group4.point_conversion_form + assert_equal group1, group4 + assert_equal group1.curve_name, group4.curve_name + assert_equal group1.generator.to_bn, group4.generator.to_bn + assert_equal group1.order, group4.order + assert_equal group1.cofactor, group4.cofactor + assert_equal group1.seed, group4.seed + assert_equal group1.degree, group4.degree end - def test_read_private_key_pem_pw - ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - pem = ec.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret') - #callback form for password - ec2 = OpenSSL::PKey.read(pem) do - 'secret' - end - assert(ec2.private_key?) - # pass password directly - ec2 = OpenSSL::PKey.read(pem, 'secret') - assert(ec2.private_key?) - #omit pem equality check, will be different due to cipher iv - end + def test_ec_point + group = OpenSSL::PKey::EC::Group.new("prime256v1") + key = OpenSSL::PKey::EC.new(group).generate_key! + point = key.public_key - def test_export_password_length - key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - assert_raise(OpenSSL::OpenSSLError) do - key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec') - end - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr') - assert(pem) - end + point2 = OpenSSL::PKey::EC::Point.new(group, point.to_bn) + assert_equal point, point2 + assert_equal point.to_bn, point2.to_bn + point2.invert! + assert_not_equal point.to_bn, point2.to_bn - def test_export_password_funny - key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd") - assert_raise(ArgumentError) do - OpenSSL::PKey.read(pem, "pass") + begin + group = OpenSSL::PKey::EC::Group.new(:GFp, 17, 2, 2) + group.point_conversion_form = :uncompressed + generator = OpenSSL::PKey::EC::Point.new(group, 0x040501.to_bn) + group.set_generator(generator, 19, 1) + point = OpenSSL::PKey::EC::Point.new(group, 0x040603.to_bn) + rescue OpenSSL::PKey::EC::Group::Error + pend "Patched OpenSSL rejected curve" if /unsupported field/ =~ $!.message + raise end - key2 = OpenSSL::PKey.read(pem, "pass\0wd") - assert(key2.private_key?) - key3 = OpenSSL::PKey::EC.new(pem, "pass\0wd") - assert(key3.private_key?) + + assert_equal 0x040603.to_bn, point.to_bn + assert_equal true, point.on_curve? + point.invert! # 8.5 + assert_equal 0x04060E.to_bn, point.to_bn + assert_equal true, point.on_curve? + + assert_equal false, point.infinity? + point.set_to_infinity! + assert_equal true, point.infinity? + assert_equal 0.to_bn, point.to_bn + assert_equal true, point.on_curve? end def test_ec_point_mul @@ -247,44 +262,50 @@ class OpenSSL::TestEC < OpenSSL::TestCase # y^2 = x^3 + 2x + 2 over F_17 # generator is (5, 1) group = OpenSSL::PKey::EC::Group.new(:GFp, 17, 2, 2) + group.point_conversion_form = :uncompressed gen = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new("040501", 16)) group.set_generator(gen, 0, 0) # 3 * (6, 3) = (16, 13) point_a = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new("040603", 16)) - result_a1 = point_a.mul(3.to_bn) + result_a1 = point_a.mul(3) assert_equal("04100D", result_a1.to_bn.to_s(16)) # 3 * (6, 3) + 3 * (5, 1) = (7, 6) - result_a2 = point_a.mul(3.to_bn, 3.to_bn) + result_a2 = point_a.mul(3, 3) assert_equal("040706", result_a2.to_bn.to_s(16)) # 3 * point_a = 3 * (6, 3) = (16, 13) - result_b1 = point_a.mul([3.to_bn], []) + result_b1 = point_a.mul([3], []) assert_equal("04100D", result_b1.to_bn.to_s(16)) # 3 * point_a + 2 * point_a = 3 * (6, 3) + 2 * (6, 3) = (7, 11) - result_b1 = point_a.mul([3.to_bn, 2.to_bn], [point_a]) + result_b1 = point_a.mul([3, 2], [point_a]) assert_equal("04070B", result_b1.to_bn.to_s(16)) # 3 * point_a + 5 * point_a.group.generator = 3 * (6, 3) + 5 * (5, 1) = (13, 10) - result_b1 = point_a.mul([3.to_bn], [], 5) + result_b1 = point_a.mul([3], [], 5) assert_equal("040D0A", result_b1.to_bn.to_s(16)) rescue OpenSSL::PKey::EC::Group::Error # CentOS patches OpenSSL to reject curves defined over Fp where p < 256 bits raise if $!.message !~ /unsupported field/ end - p256_key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 + p256_key = P256 p256_g = p256_key.group assert_equal(p256_key.public_key, p256_g.generator.mul(p256_key.private_key)) # invalid argument point = p256_key.public_key assert_raise(TypeError) { point.mul(nil) } - assert_raise(ArgumentError) { point.mul([1.to_bn], [point]) } - assert_raise(TypeError) { point.mul([1.to_bn], nil) } + assert_raise(ArgumentError) { point.mul([1], [point]) } + assert_raise(TypeError) { point.mul([1], nil) } assert_raise(TypeError) { point.mul([nil], []) } end # test Group: asn1_flag, point_conversion + private + + def assert_same_ec(expected, key) + check_component(expected, key, [:group, :public_key, :private_key]) + end end end diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb index 49e8ceacd9..e211faa63b 100644 --- a/test/openssl/test_pkey_rsa.rb +++ b/test/openssl/test_pkey_rsa.rb @@ -4,7 +4,9 @@ require 'base64' if defined?(OpenSSL::TestUtils) -class OpenSSL::TestPKeyRSA < OpenSSL::TestCase +class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase + RSA1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024 + def test_padding key = OpenSSL::PKey::RSA.new(512, 3) @@ -68,46 +70,8 @@ class OpenSSL::TestPKeyRSA < OpenSSL::TestCase end end - def test_sign_verify - key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - digest = OpenSSL::Digest::SHA1.new - data = 'Sign me!' - sig = key.sign(digest, data) - assert(key.verify(digest, sig, data)) - end - - def test_sign_verify_memory_leak - bug9743 = '[ruby-core:62038] [Bug #9743]' - assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true, timeout: 30) - data = 'Sign me!' - digest = OpenSSL::Digest::SHA512.new - pkey = OpenSSL::PKey::RSA.new(2048) - signature = pkey.sign(digest, data) - pub_key = pkey.public_key - PREP - 20_000.times { - pub_key.verify(digest, signature, data) - } - CODE - - assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true, timeout: 30) - data = 'Sign me!' - digest = OpenSSL::Digest::SHA512.new - pkey = OpenSSL::PKey::RSA.new(2048) - signature = pkey.sign(digest, data) - pub_key = pkey.public_key - PREP - 20_000.times { - begin - pub_key.verify(digest, signature, 1) - rescue TypeError - end - } - CODE - end - def test_digest_state_irrelevant_sign - key = OpenSSL::TestUtils::TEST_KEY_RSA1024 + key = RSA1024 digest1 = OpenSSL::Digest::SHA1.new digest2 = OpenSSL::Digest::SHA1.new data = 'Sign me!' @@ -118,7 +82,7 @@ class OpenSSL::TestPKeyRSA < OpenSSL::TestCase end def test_digest_state_irrelevant_verify - key = OpenSSL::TestUtils::TEST_KEY_RSA1024 + key = RSA1024 digest1 = OpenSSL::Digest::SHA1.new digest2 = OpenSSL::Digest::SHA1.new data = 'Sign me!' @@ -129,169 +93,131 @@ class OpenSSL::TestPKeyRSA < OpenSSL::TestCase assert(key.verify(digest2, sig, data)) end - def test_read_RSAPublicKey - modulus = 10664264882656732240315063514678024569492171560814833397008094754351396057398262071307709191731289492697968568138092052265293364132872019762410446076526351 - exponent = 65537 - seq = OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::Integer.new(modulus), OpenSSL::ASN1::Integer.new(exponent)]) - key = OpenSSL::PKey::RSA.new(seq.to_der) - assert(key.public?) - assert(!key.private?) - assert_equal(modulus, key.n) - assert_equal(exponent, key.e) - assert_equal(nil, key.d) - assert_equal(nil, key.p) - assert_equal(nil, key.q) - assert_equal([], OpenSSL.errors) - end - - def test_read_RSA_PUBKEY - modulus = 10664264882656732240315063514678024569492171560814833397008094754351396057398262071307709191731289492697968568138092052265293364132872019762410446076526351 - exponent = 65537 - algo = OpenSSL::ASN1::ObjectId.new('rsaEncryption') - null_params = OpenSSL::ASN1::Null.new(nil) - algo_id = OpenSSL::ASN1::Sequence.new ([algo, null_params]) - pub_key = OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::Integer.new(modulus), OpenSSL::ASN1::Integer.new(exponent)]) - seq = OpenSSL::ASN1::Sequence.new([algo_id, OpenSSL::ASN1::BitString.new(pub_key.to_der)]) - key = OpenSSL::PKey::RSA.new(seq.to_der) - assert(key.public?) - assert(!key.private?) - assert_equal(modulus, key.n) - assert_equal(exponent, key.e) - assert_equal(nil, key.d) - assert_equal(nil, key.p) - assert_equal(nil, key.q) - assert_equal([], OpenSSL.errors) - end - - def test_read_RSAPublicKey_pem - modulus = 9416340886363418692990906464787534854462163316648195510702927337693641649864839352187127240942127674615733815606532506566068276485089353644309497938966061 - exponent = 65537 - pem = <<-EOF ------BEGIN RSA PUBLIC KEY----- -MEgCQQCzyh2RIZK62E2PbTWqUljD+K23XR9AGBKNtXjal6WD2yRGcLqzPJLNCa60 -AudJR1JobbIbDJrQu6AXnWh5k/YtAgMBAAE= ------END RSA PUBLIC KEY----- + def test_RSAPrivateKey + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(0), + OpenSSL::ASN1::Integer(RSA1024.n), + OpenSSL::ASN1::Integer(RSA1024.e), + OpenSSL::ASN1::Integer(RSA1024.d), + OpenSSL::ASN1::Integer(RSA1024.p), + OpenSSL::ASN1::Integer(RSA1024.q), + OpenSSL::ASN1::Integer(RSA1024.dmp1), + OpenSSL::ASN1::Integer(RSA1024.dmq1), + OpenSSL::ASN1::Integer(RSA1024.iqmp) + ]) + key = OpenSSL::PKey::RSA.new(asn1.to_der) + assert_predicate key, :private? + assert_same_rsa RSA1024, key + + pem = <<~EOF + -----BEGIN RSA PRIVATE KEY----- + MIICXgIBAAKBgQDLwsSw1ECnPtT+PkOgHhcGA71nwC2/nL85VBGnRqDxOqjVh7Cx + aKPERYHsk4BPCkE3brtThPWc9kjHEQQ7uf9Y1rbCz0layNqHyywQEVLFmp1cpIt/ + Q3geLv8ZD9pihowKJDyMDiN6ArYUmZczvW4976MU3+l54E6lF/JfFEU5hwIDAQAB + AoGBAKSl/MQarye1yOysqX6P8fDFQt68VvtXkNmlSiKOGuzyho0M+UVSFcs6k1L0 + maDE25AMZUiGzuWHyaU55d7RXDgeskDMakD1v6ZejYtxJkSXbETOTLDwUWTn618T + gnb17tU1jktUtU67xK/08i/XodlgnQhs6VoHTuCh3Hu77O6RAkEA7+gxqBuZR572 + 74/akiW/SuXm0SXPEviyO1MuSRwtI87B02D0qgV8D1UHRm4AhMnJ8MCs1809kMQE + JiQUCrp9mQJBANlt2ngBO14us6NnhuAseFDTBzCHXwUUu1YKHpMMmxpnGqaldGgX + sOZB3lgJsT9VlGf3YGYdkLTNVbogQKlKpB8CQQDiSwkb4vyQfDe8/NpU5Not0fII + 8jsDUCb+opWUTMmfbxWRR3FBNu8wnym/m19N4fFj8LqYzHX4KY0oVPu6qvJxAkEA + wa5snNekFcqONLIE4G5cosrIrb74sqL8GbGb+KuTAprzj5z1K8Bm0UW9lTjVDjDi + qRYgZfZSL+x1P/54+xTFSwJAY1FxA/N3QPCXCjPh5YqFxAMQs2VVYTfg+t0MEcJD + dPMQD5JX6g5HKnHFg2mZtoXQrWmJSn7p8GJK8yNTopEErA== + -----END RSA PRIVATE KEY----- EOF key = OpenSSL::PKey::RSA.new(pem) - assert(key.public?) - assert(!key.private?) - assert_equal(modulus, key.n) - assert_equal(exponent, key.e) - assert_equal(nil, key.d) - assert_equal(nil, key.p) - assert_equal(nil, key.q) + assert_same_rsa RSA1024, key + + assert_equal asn1.to_der, RSA1024.to_der + assert_equal pem, RSA1024.export + end + + def test_RSAPrivateKey_encrypted + # key = abcdef + pem = <<~EOF + -----BEGIN RSA PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0 + + zgJniZZQfvv8TFx3LzV6zhAQVayvQVZlAYqFq2yWbbxzF7C+IBhKQle9IhUQ9j/y + /jkvol550LS8vZ7TX5WxyDLe12cdqzEvpR6jf3NbxiNysOCxwG4ErhaZGP+krcoB + ObuL0nvls/+3myy5reKEyy22+0GvTDjaChfr+FwJjXMG+IBCLscYdgZC1LQL6oAn + 9xY5DH3W7BW4wR5ttxvtN32TkfVQh8xi3jrLrduUh+hV8DTiAiLIhv0Vykwhep2p + WZA+7qbrYaYM8GLLgLrb6LfBoxeNxAEKiTpl1quFkm+Hk1dKq0EhVnxHf92x0zVF + jRGZxAMNcrlCoE4f5XK45epVZSZvihdo1k73GPbp84aZ5P/xlO4OwZ3i4uCQXynl + jE9c+I+4rRWKyPz9gkkqo0+teJL8ifeKt/3ab6FcdA0aArynqmsKJMktxmNu83We + YVGEHZPeOlyOQqPvZqWsLnXQUfg54OkbuV4/4mWSIzxFXdFy/AekSeJugpswMXqn + oNck4qySNyfnlyelppXyWWwDfVus9CVAGZmJQaJExHMT/rQFRVchlmY0Ddr5O264 + gcjv90o1NBOc2fNcqjivuoX7ROqys4K/YdNQ1HhQ7usJghADNOtuLI8ZqMh9akXD + Eqp6Ne97wq1NiJj0nt3SJlzTnOyTjzrTe0Y+atPkVKp7SsjkATMI9JdhXwGhWd7a + qFVl0owZiDasgEhyG2K5L6r+yaJLYkPVXZYC/wtWC3NEchnDWZGQcXzB4xROCQkD + OlWNYDkPiZioeFkA3/fTMvG4moB2Pp9Q4GU5fJ6k43Ccu1up8dX/LumZb4ecg5/x + -----END RSA PRIVATE KEY----- + EOF + key = OpenSSL::PKey::RSA.new(pem, "abcdef") + assert_same_rsa RSA1024, key + key = OpenSSL::PKey::RSA.new(pem) { "abcdef" } + assert_same_rsa RSA1024, key + + cipher = OpenSSL::Cipher.new("aes-128-cbc") + exported = RSA1024.to_pem(cipher, "abcdef\0\1") + assert_same_rsa RSA1024, OpenSSL::PKey::RSA.new(exported, "abcdef\0\1") + assert_raise(OpenSSL::PKey::RSAError) { + OpenSSL::PKey::RSA.new(exported, "abcdef") + } end - def test_read_RSA_PUBKEY_pem - modulus = 9416340886363418692990906464787534854462163316648195510702927337693641649864839352187127240942127674615733815606532506566068276485089353644309497938966061 - exponent = 65537 - pem = <<-EOF ------BEGIN PUBLIC KEY----- -MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALPKHZEhkrrYTY9tNapSWMP4rbdd -H0AYEo21eNqXpYPbJEZwurM8ks0JrrQC50lHUmhtshsMmtC7oBedaHmT9i0C -AwEAAQ== ------END PUBLIC KEY----- + def test_RSAPublicKey + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(RSA1024.n), + OpenSSL::ASN1::Integer(RSA1024.e) + ]) + key = OpenSSL::PKey::RSA.new(asn1.to_der) + assert_not_predicate key, :private? + assert_same_rsa dup_public(RSA1024), key + + pem = <<~EOF + -----BEGIN RSA PUBLIC KEY----- + MIGJAoGBAMvCxLDUQKc+1P4+Q6AeFwYDvWfALb+cvzlUEadGoPE6qNWHsLFoo8RF + geyTgE8KQTduu1OE9Zz2SMcRBDu5/1jWtsLPSVrI2ofLLBARUsWanVyki39DeB4u + /xkP2mKGjAokPIwOI3oCthSZlzO9bj3voxTf6XngTqUX8l8URTmHAgMBAAE= + -----END RSA PUBLIC KEY----- EOF key = OpenSSL::PKey::RSA.new(pem) - assert(key.public?) - assert(!key.private?) - assert_equal(modulus, key.n) - assert_equal(exponent, key.e) - assert_equal(nil, key.d) - assert_equal(nil, key.p) - assert_equal(nil, key.q) - end - - def test_export_format_is_RSA_PUBKEY - key = OpenSSL::PKey::RSA.new(512) - asn1 = OpenSSL::ASN1.decode(key.public_key.to_der) - check_PUBKEY(asn1, key) - end - - def test_export_format_is_RSA_PUBKEY_pem - key = OpenSSL::PKey::RSA.new(512) - pem = key.public_key.to_pem - pem.gsub!(/^-+(\w|\s)+-+$/, "") # eliminate --------BEGIN...------- - asn1 = OpenSSL::ASN1.decode(Base64.decode64(pem)) - check_PUBKEY(asn1, key) - end - - def test_read_private_key_der - der = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_der - key = OpenSSL::PKey.read(der) - assert(key.private?) - assert_equal(der, key.to_der) - end - - def test_read_private_key_pem - pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem - key = OpenSSL::PKey.read(pem) - assert(key.private?) - assert_equal(pem, key.to_pem) - end - - def test_read_public_key_der - der = OpenSSL::TestUtils::TEST_KEY_RSA1024.public_key.to_der - key = OpenSSL::PKey.read(der) - assert(!key.private?) - assert_equal(der, key.to_der) - end - - def test_read_public_key_pem - pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.public_key.to_pem - key = OpenSSL::PKey.read(pem) - assert(!key.private?) - assert_equal(pem, key.to_pem) - end - - def test_read_private_key_pem_pw - pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret') - #callback form for password - key = OpenSSL::PKey.read(pem) do - 'secret' - end - assert(key.private?) - # pass password directly - key = OpenSSL::PKey.read(pem, 'secret') - assert(key.private?) - #omit pem equality check, will be different due to cipher iv - end - - def test_read_private_key_pem_pw_exception - pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret') - # it raises an ArgumentError from PEM reading. The exception raised inside are ignored for now. - assert_raise(ArgumentError) do - OpenSSL::PKey.read(pem) do - raise RuntimeError - end - end - end - - def test_export_password_length - key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - assert_raise(OpenSSL::OpenSSLError) do - key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec') - end - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr') - assert(pem) - end + assert_same_rsa dup_public(RSA1024), key + end + + def test_PUBKEY + asn1 = OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::ObjectId("rsaEncryption"), + OpenSSL::ASN1::Null(nil) + ]), + OpenSSL::ASN1::BitString( + OpenSSL::ASN1::Sequence([ + OpenSSL::ASN1::Integer(RSA1024.n), + OpenSSL::ASN1::Integer(RSA1024.e) + ]).to_der + ) + ]) + key = OpenSSL::PKey::RSA.new(asn1.to_der) + assert_not_predicate key, :private? + assert_same_rsa dup_public(RSA1024), key + + pem = <<~EOF + -----BEGIN PUBLIC KEY----- + MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLwsSw1ECnPtT+PkOgHhcGA71n + wC2/nL85VBGnRqDxOqjVh7CxaKPERYHsk4BPCkE3brtThPWc9kjHEQQ7uf9Y1rbC + z0layNqHyywQEVLFmp1cpIt/Q3geLv8ZD9pihowKJDyMDiN6ArYUmZczvW4976MU + 3+l54E6lF/JfFEU5hwIDAQAB + -----END PUBLIC KEY----- + EOF + key = OpenSSL::PKey::RSA.new(pem) + assert_same_rsa dup_public(RSA1024), key - def test_export_password_funny - key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - # this assertion may fail in the future because of OpenSSL change. - # the current upper limit is 1024 - assert_raise(OpenSSL::OpenSSLError) do - key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr' * 1024) - end - # password containing NUL byte - pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd") - assert_raise(ArgumentError) do - OpenSSL::PKey.read(pem, "pass") - end - key2 = OpenSSL::PKey.read(pem, "pass\0wd") - assert(key2.private?) - key3 = OpenSSL::PKey::RSA.new(pem, "pass\0wd") - assert(key3.private?) + assert_equal asn1.to_der, dup_public(RSA1024).to_der + assert_equal pem, dup_public(RSA1024).export end def test_dup @@ -303,29 +229,9 @@ AwEAAQ== end private - - def check_PUBKEY(asn1, key) - assert_equal(OpenSSL::ASN1::SEQUENCE, asn1.tag) - assert_equal(2, asn1.value.size) - seq = asn1.value - assert_equal(OpenSSL::ASN1::SEQUENCE, seq[0].tag) - assert_equal(2, seq[0].value.size) - algo_id = seq[0].value - assert_equal(OpenSSL::ASN1::OBJECT, algo_id[0].tag) - assert_equal('rsaEncryption', algo_id[0].value) - assert_equal(OpenSSL::ASN1::NULL, algo_id[1].tag) - assert_equal(nil, algo_id[1].value) - assert_equal(OpenSSL::ASN1::BIT_STRING, seq[1].tag) - assert_equal(0, seq[1].unused_bits) - pub_key = OpenSSL::ASN1.decode(seq[1].value) - assert_equal(OpenSSL::ASN1::SEQUENCE, pub_key.tag) - assert_equal(2, pub_key.value.size) - assert_equal(OpenSSL::ASN1::INTEGER, pub_key.value[0].tag) - assert_equal(key.n, pub_key.value[0].value) - assert_equal(OpenSSL::ASN1::INTEGER, pub_key.value[1].tag) - assert_equal(key.e, pub_key.value[1].value) + def assert_same_rsa(expected, key) + check_component(expected, key, [:n, :e, :d, :p, :q, :dmp1, :dmq1, :iqmp]) end - end end diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index b1dc2233d6..1b9548a3e9 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -66,9 +66,9 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_not_started_session - skip "non socket argument of SSLSocket.new is not supported on this platform" if /mswin|mingw/ =~ RUBY_PLATFORM + pend "non socket argument of SSLSocket.new is not supported on this platform" if /mswin|mingw/ =~ RUBY_PLATFORM open(__FILE__) do |f| - assert_nil OpenSSL::SSL::SSLSocket.new(f).cert + assert_nil EnvUtil.suppress_warning { OpenSSL::SSL::SSLSocket.new(f).cert } end end @@ -196,16 +196,14 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase def test_client_auth_failure vflag = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT start_server(vflag, true, :ignore_listener_error => true){|server, port| - assert_raise(OpenSSL::SSL::SSLError, Errno::ECONNRESET){ - sock = TCPSocket.new("127.0.0.1", port) - ssl = OpenSSL::SSL::SSLSocket.new(sock) - ssl.sync_close = true - begin - ssl.connect - ensure - ssl.close - end - } + sock = TCPSocket.new("127.0.0.1", port) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.sync_close = true + begin + assert_handshake_error { ssl.connect } + ensure + ssl.close + end } end @@ -236,6 +234,24 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase } end + def test_client_auth_public_key + vflag = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT + start_server(vflag, true, ignore_listener_error: true) do |server, port| + assert_raise(ArgumentError) { + ctx = OpenSSL::SSL::SSLContext.new + ctx.key = @cli_key.public_key + ctx.cert = @cli_cert + server_connect(port, ctx) { } + } + + ctx = OpenSSL::SSL::SSLContext.new + ctx.client_cert_cb = Proc.new{ |ssl| + [@cli_cert, @cli_key.public_key] + } + assert_handshake_error { server_connect(port, ctx) } + end + end + def test_client_ca ctx_proc = Proc.new do |ctx| ctx.client_ca = [@ca_cert] @@ -321,7 +337,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase start_server(OpenSSL::SSL::VERIFY_NONE, true, :ignore_listener_error => true){|server, port| sock = TCPSocket.new("127.0.0.1", port) ctx = OpenSSL::SSL::SSLContext.new - ctx.set_params + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) ssl.sync_close = true begin @@ -335,12 +351,11 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase start_server(OpenSSL::SSL::VERIFY_NONE, true){|server, port| sock = TCPSocket.new("127.0.0.1", port) ctx = OpenSSL::SSL::SSLContext.new - ctx.set_params( - :verify_callback => Proc.new do |preverify_ok, store_ctx| - store_ctx.error = OpenSSL::X509::V_OK - true - end - ) + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER + ctx.verify_callback = Proc.new do |preverify_ok, store_ctx| + store_ctx.error = OpenSSL::X509::V_OK + true + end ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) ssl.sync_close = true begin @@ -354,12 +369,11 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase start_server(OpenSSL::SSL::VERIFY_NONE, true, :ignore_listener_error => true){|server, port| sock = TCPSocket.new("127.0.0.1", port) ctx = OpenSSL::SSL::SSLContext.new - ctx.set_params( - :verify_callback => Proc.new do |preverify_ok, store_ctx| - store_ctx.error = OpenSSL::X509::V_ERR_APPLICATION_VERIFICATION - false - end - ) + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER + ctx.verify_callback = Proc.new do |preverify_ok, store_ctx| + store_ctx.error = OpenSSL::X509::V_ERR_APPLICATION_VERIFICATION + false + end ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) ssl.sync_close = true begin @@ -375,12 +389,11 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase start_server(OpenSSL::SSL::VERIFY_NONE, true, :ignore_listener_error => true){|server, port| sock = TCPSocket.new("127.0.0.1", port) ctx = OpenSSL::SSL::SSLContext.new - ctx.set_params( - :verify_callback => Proc.new do |preverify_ok, store_ctx| - store_ctx.error = OpenSSL::X509::V_OK - raise RuntimeError - end - ) + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER + ctx.verify_callback = Proc.new do |preverify_ok, store_ctx| + store_ctx.error = OpenSSL::X509::V_OK + raise RuntimeError + end ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) ssl.sync_close = true begin @@ -396,26 +409,15 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_sslctx_set_params - start_server(OpenSSL::SSL::VERIFY_NONE, true, :ignore_listener_error => true){|server, port| - sock = TCPSocket.new("127.0.0.1", port) - ctx = OpenSSL::SSL::SSLContext.new - ctx.set_params - assert_equal(OpenSSL::SSL::VERIFY_PEER, ctx.verify_mode) - assert_equal(OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options], ctx.options) - ciphers = ctx.ciphers - ciphers_versions = ciphers.collect{|_, v, _, _| v } - ciphers_names = ciphers.collect{|v, _, _, _| v } - assert(ciphers_names.all?{|v| /A(EC)?DH/ !~ v }) - assert(ciphers_versions.all?{|v| /SSLv2/ !~ v }) - ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) - ssl.sync_close = true - begin - assert_raise(OpenSSL::SSL::SSLError){ ssl.connect } - assert_equal(OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN, ssl.verify_result) - ensure - ssl.close - end - } + ctx = OpenSSL::SSL::SSLContext.new + ctx.set_params + assert_equal(OpenSSL::SSL::VERIFY_PEER, ctx.verify_mode) + ciphers = ctx.ciphers + ciphers_versions = ciphers.collect{|_, v, _, _| v } + ciphers_names = ciphers.collect{|v, _, _, _| v } + assert(ciphers_names.all?{|v| /A(EC)?DH/ !~ v }) + assert(ciphers_names.all?{|v| /(RC4|MD5|EXP)/ !~ v }) + assert(ciphers_versions.all?{|v| /SSLv2/ !~ v }) end def test_post_connect_check_with_anon_ciphers @@ -426,9 +428,9 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase ctx.ciphers = "aNULL" ctx.security_level = 0 server_connect(port, ctx) { |ssl| - msg = "Peer verification enabled, but no certificate received. Anonymous cipher suite " \ - "ADH-AES256-GCM-SHA384 was negotiated. Anonymous suites must be disabled to use peer verification." - assert_raise_with_message(sslerr,msg){ssl.post_connection_check("localhost.localdomain")} + assert_raise_with_message(sslerr, /anonymous cipher suite/i){ + ssl.post_connection_check("localhost.localdomain") + } } } end if OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384 @@ -687,11 +689,11 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase hostname = 'example.org' ctx3 = OpenSSL::SSL::SSLContext.new - ctx3.ciphers = "DH" + ctx3.ciphers = "aNULL" + ctx3.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx3.security_level = 0 ctx2 = OpenSSL::SSL::SSLContext.new - ctx2.ciphers = "DH" ctx2.servername_cb = lambda { |args| ctx3 } sock1, sock2 = socketpair @@ -699,7 +701,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" + ctx1.ciphers = "aNULL" ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) @@ -722,7 +724,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase hostname = 'example.org' ctx2 = OpenSSL::SSL::SSLContext.new - ctx2.ciphers = "DH" + ctx2.ciphers = "aNULL" + ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx2.security_level = 0 ctx2.servername_cb = lambda { |args| Object.new } @@ -731,7 +734,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" + ctx1.ciphers = "aNULL" ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) @@ -756,12 +759,12 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase hostname = 'example.org' ctx3 = OpenSSL::SSL::SSLContext.new - ctx3.ciphers = "DH" + ctx3.ciphers = "aNULL" + ctx3.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx3.security_level = 0 assert_not_predicate ctx3, :frozen? ctx2 = OpenSSL::SSL::SSLContext.new - ctx2.ciphers = "DH" ctx2.servername_cb = lambda { |args| ctx3 } sock1, sock2 = socketpair @@ -769,7 +772,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" + ctx1.ciphers = "aNULL" ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) @@ -791,7 +794,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase hostname = 'example.org' ctx2 = OpenSSL::SSL::SSLContext.new - ctx2.ciphers = "DH" + ctx2.ciphers = "aNULL" + ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx2.security_level = 0 ctx2.servername_cb = lambda { |args| nil } @@ -800,7 +804,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" + ctx1.ciphers = "aNULL" ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) @@ -823,7 +827,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase hostname = 'example.org' ctx2 = OpenSSL::SSL::SSLContext.new - ctx2.ciphers = "DH" + ctx2.ciphers = "aNULL" + ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx2.security_level = 0 ctx2.servername_cb = lambda do |args| cb_socket = args[0] @@ -836,7 +841,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" + ctx1.ciphers = "aNULL" ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) @@ -859,7 +864,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase return unless OpenSSL::SSL::SSLSocket.instance_methods.include?(:hostname) ctx_proc = Proc.new do |ctx, ssl| - foo_ctx = ctx.dup + foo_ctx = OpenSSL::SSL::SSLContext.new ctx.servername_cb = Proc.new do |ssl2, hostname| case hostname @@ -892,6 +897,53 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end end + def test_verify_hostname_on_connect + ctx_proc = proc { |ctx| + now = Time.now + exts = [ + ["keyUsage", "keyEncipherment,digitalSignature", true], + ["subjectAltName", "DNS:a.example.com,DNS:*.b.example.com," \ + "DNS:c*.example.com,DNS:d.*.example.com"], + ] + ctx.cert = issue_cert(@svr, @svr_key, 4, now, now+1800, exts, + @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new) + ctx.key = @svr_key + } + + start_server(OpenSSL::SSL::VERIFY_NONE, true, ctx_proc: ctx_proc, + ignore_listener_error: true) do |svr, port| + ctx = OpenSSL::SSL::SSLContext.new + ctx.verify_hostname = true + ctx.cert_store = OpenSSL::X509::Store.new + ctx.cert_store.add_cert(@ca_cert) + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER + + [ + ["a.example.com", true], + ["A.Example.Com", true], + ["x.example.com", false], + ["b.example.com", false], + ["x.b.example.com", true], + ["cx.example.com", true], + ["d.x.example.com", false], + ].each do |name, expected_ok| + begin + sock = TCPSocket.new("127.0.0.1", port) + ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) + ssl.hostname = name + if expected_ok + assert_nothing_raised { ssl.connect } + else + assert_handshake_error { ssl.connect } + end + ensure + ssl.close if ssl + sock.close if sock + end + end + end + end + def test_multibyte_read_write #German a umlaut auml = [%w{ C3 A4 }.join('')].pack('H*') @@ -932,10 +984,6 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase } end - # different OpenSSL versions react differently when facing a SSL/TLS version - # that has been marked as forbidden, therefore either of these may be raised - HANDSHAKE_ERRORS = [OpenSSL::SSL::SSLError, Errno::ECONNRESET] - if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContext::METHODS.include?(:SSLv3) def test_forbid_ssl_v3_for_client @@ -943,7 +991,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContex start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :SSLv3 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -951,7 +999,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContex start_server_version(:SSLv3) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -970,7 +1018,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_1 start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -978,7 +1026,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_1 start_server_version(:TLSv1) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -999,7 +1047,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2 start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1_1 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1) @@ -1007,7 +1055,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2 start_server_version(:TLSv1_1) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_1 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1) @@ -1016,7 +1064,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2 start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1_2 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2) @@ -1024,7 +1072,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2 start_server_version(:TLSv1_2) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_2 - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2) @@ -1060,16 +1108,31 @@ if OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10002000 end def test_alpn_protocol_selection_cancel - ctx_proc = Proc.new { |ctx| - ctx.alpn_select_cb = -> (protocols) { nil } + sock1, sock2 = socketpair + + ctx1 = OpenSSL::SSL::SSLContext.new + ctx1.ciphers = "aNULL" + ctx1.security_level = 0 + ctx1.alpn_select_cb = -> (protocols) { nil } + ssl1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) + + ctx2 = OpenSSL::SSL::SSLContext.new + ctx2.ciphers = "aNULL" + ctx2.security_level = 0 + ctx2.alpn_protocols = ["http/1.1"] + ssl2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) + + t = Thread.new { + assert_handshake_error { ssl2.connect } } - assert_raise(MiniTest::Assertion) do # minitest/assertion comes from `assert_join_threads` - start_server_version(:SSLv23, ctx_proc) { |server, port| - ctx = OpenSSL::SSL::SSLContext.new - ctx.alpn_protocols = ["http/1.1"] - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } - } - end + assert_raise(TypeError) { ssl1.accept } + ensure + sock1&.close + sock2&.close + ssl1&.close + ssl2&.close + t&.kill + t&.join end end @@ -1127,7 +1190,7 @@ if OpenSSL::OPENSSL_VERSION_NUMBER > 0x10001000 && start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.npn_select_cb = -> (protocols) { protocols.first } - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -1136,7 +1199,7 @@ if OpenSSL::OPENSSL_VERSION_NUMBER > 0x10001000 && start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.npn_select_cb = -> (protocols) { "a" * 256 } - assert_raise(*HANDSHAKE_ERRORS) { server_connect(port, ctx) } + assert_handshake_error { server_connect(port, ctx) } } end @@ -1182,6 +1245,7 @@ end # test it doesn't cause a segmentation fault ctx = OpenSSL::SSL::SSLContext.new ctx.ciphers = "aNULL" + ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } ctx.security_level = 0 sock1, sock2 = socketpair @@ -1243,7 +1307,20 @@ end # ctx.key = OpenSSL::TestUtils::TEST_KEY_RSA1024 # ctx.security_level = 2 # assert_raise(OpenSSL::SSL::SSLError) { ctx.key = OpenSSL::TestUtils::TEST_KEY_RSA1024 } - skip "FIXME: SSLContext#key= currently does not raise because SSL_CTX_use_certificate() is delayed" + pend "FIXME: SSLContext#key= currently does not raise because SSL_CTX_use_certificate() is delayed" + end + + def test_dup + ctx = OpenSSL::SSL::SSLContext.new + sock1, sock2 = socketpair + ssl = OpenSSL::SSL::SSLSocket.new(sock1, ctx) + + assert_raise(NoMethodError) { ctx.dup } + assert_raise(NoMethodError) { ssl.dup } + ensure + ssl.close if ssl + sock1.close + sock2.close end private @@ -1276,6 +1353,14 @@ end sock.close end end + + def assert_handshake_error + # different OpenSSL versions react differently when facing a SSL/TLS version + # that has been marked as forbidden, therefore either of these may be raised + assert_raise(OpenSSL::SSL::SSLError, Errno::ECONNRESET) { + yield + } + end end end diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb index 84686f6b4f..9bcec10165 100644 --- a/test/openssl/test_ssl_session.rb +++ b/test/openssl/test_ssl_session.rb @@ -369,6 +369,12 @@ __EOS__ assert(called[:get1]) assert(called[:get2]) end + + def test_dup + sess_orig = OpenSSL::SSL::Session.new(DUMMY_SESSION) + sess_dup = sess_orig.dup + assert_equal(sess_orig.to_der, sess_dup.to_der) + end end end diff --git a/test/openssl/test_x509attr.rb b/test/openssl/test_x509attr.rb index 1ba8a87536..d7473f1a29 100644 --- a/test/openssl/test_x509attr.rb +++ b/test/openssl/test_x509attr.rb @@ -12,6 +12,9 @@ class OpenSSL::TestX509Attribute < OpenSSL::TestCase attr = OpenSSL::X509::Attribute.new("extReq", val) assert_equal("extReq", attr.oid) assert_equal(val.to_der, attr.value.to_der) + + attr = OpenSSL::X509::Attribute.new("1.2.840.113549.1.9.14", val) + assert_equal("extReq", attr.oid) end def test_from_der @@ -51,6 +54,14 @@ class OpenSSL::TestX509Attribute < OpenSSL::TestCase } assert_equal(test_der, attr.to_der) end + + def test_dup + val = OpenSSL::ASN1::Set([ + OpenSSL::ASN1::UTF8String("abc123") + ]) + attr = OpenSSL::X509::Attribute.new("challengePassword", val) + assert_equal(attr.to_der, attr.dup.to_der) + end end end diff --git a/test/openssl/test_x509crl.rb b/test/openssl/test_x509crl.rb index fd66c97588..cd1ccc98ab 100644 --- a/test/openssl/test_x509crl.rb +++ b/test/openssl/test_x509crl.rb @@ -112,6 +112,10 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase assert_equal(1000, revoked.size) assert_equal(1, revoked[0].serial) assert_equal(1000, revoked[999].serial) + + crl.revoked = revoked + revoked2 = crl.revoked + assert_equal(revoked.map(&:serial), revoked2.map(&:serial)) end def test_extension diff --git a/test/openssl/test_x509ext.rb b/test/openssl/test_x509ext.rb index 99e2eda5b3..79713c0fad 100644 --- a/test/openssl/test_x509ext.rb +++ b/test/openssl/test_x509ext.rb @@ -36,15 +36,15 @@ class OpenSSL::TestX509Extension < OpenSSL::TestCase bc = ef.create_extension("basicConstraints", "CA:TRUE, pathlen:2", true) assert_equal(@basic_constraints.to_der, bc.to_der) - begin - ef.config = OpenSSL::Config.parse(<<-_end_of_cnf_) - [crlDistPts] - URI.1 = http://www.example.com/crl - URI.2 = ldap://ldap.example.com/cn=ca?certificateRevocationList;binary - _end_of_cnf_ - rescue NotImplementedError - return - end + ef.config = OpenSSL::Config.parse(<<-_end_of_cnf_) + [crlDistPts] + URI.1 = http://www.example.com/crl + URI.2 = ldap://ldap.example.com/cn=ca?certificateRevocationList;binary + + [certPolicies] + policyIdentifier = 2.23.140.1.2.1 + CPS.1 = http://cps.example.com + _end_of_cnf_ cdp = ef.create_extension("crlDistributionPoints", "@crlDistPts") assert_equal(false, cdp.critical?) @@ -61,6 +61,18 @@ class OpenSSL::TestX509Extension < OpenSSL::TestCase assert_match( %r{URI:ldap://ldap.example.com/cn=ca\?certificateRevocationList;binary}, cdp.value) + + cp = ef.create_extension("certificatePolicies", "@certPolicies") + assert_equal(false, cp.critical?) + assert_equal("certificatePolicies", cp.oid) + assert_match(%r{2.23.140.1.2.1}, cp.value) + assert_match(%r{http://cps.example.com}, cp.value) + end + + def test_dup + ext = OpenSSL::X509::Extension.new(@basic_constraints.to_der) + assert_equal(@basic_constraints.to_der, ext.to_der) + assert_equal(ext.to_der, ext.dup.to_der) end end diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb index b87d415de2..250f1d0949 100644 --- a/test/openssl/test_x509name.rb +++ b/test/openssl/test_x509name.rb @@ -355,6 +355,11 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24 assert_equal(expected, name_hash(name)) end + + def test_dup + name = OpenSSL::X509::Name.parse("/CN=ruby-lang.org") + assert_equal(name.to_der, name.dup.to_der) + end end end diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb index 53e5a437fc..086ccfbdb1 100644 --- a/test/openssl/test_x509req.rb +++ b/test/openssl/test_x509req.rb @@ -139,7 +139,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase req.version = 1 assert_equal(false, req.verify(@rsa1024)) rescue OpenSSL::X509::RequestError - skip + pend end if defined?(OpenSSL::Digest::DSS1) def test_sign_and_verify_dsa_md5 @@ -147,6 +147,11 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase issue_csr(0, @dn, @dsa512, OpenSSL::Digest::MD5.new) } end + def test_dup + req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new) + assert_equal(req.to_der, req.dup.to_der) + end + private def request_error_returns_false diff --git a/test/openssl/test_x509store.rb b/test/openssl/test_x509store.rb index 8dee1679f6..e0fa07ac16 100644 --- a/test/openssl/test_x509store.rb +++ b/test/openssl/test_x509store.rb @@ -222,6 +222,13 @@ class OpenSSL::TestX509Store < OpenSSL::TestCase } end end + + def test_dup + store = OpenSSL::X509::Store.new + assert_raise(NoMethodError) { store.dup } + ctx = OpenSSL::X509::StoreContext.new(store) + assert_raise(NoMethodError) { ctx.dup } + end end end diff --git a/test/openssl/ut_eof.rb b/test/openssl/ut_eof.rb new file mode 100644 index 0000000000..fcd7a63988 --- /dev/null +++ b/test/openssl/ut_eof.rb @@ -0,0 +1,129 @@ +# frozen_string_literal: false +require 'test/unit' + +module TestEOF + def test_eof_0 + open_file("") {|f| + assert_equal("", f.read(0)) + assert_equal("", f.read(0)) + assert_equal("", f.read) + assert_equal("", f.read(0)) + assert_equal("", f.read(0)) + } + open_file("") {|f| + assert_nil(f.read(1)) + assert_equal("", f.read) + assert_nil(f.read(1)) + } + open_file("") {|f| + s = "x" + assert_equal("", f.read(nil, s)) + assert_equal("", s) + } + open_file("") {|f| + s = "x" + assert_nil(f.read(10, s)) + assert_equal("", s) + } + end + + def test_eof_0_rw + return unless respond_to? :open_file_rw + open_file_rw("") {|f| + assert_equal("", f.read) + assert_equal("", f.read) + assert_equal(0, f.syswrite("")) + assert_equal("", f.read) + } + end + + def test_eof_1 + open_file("a") {|f| + assert_equal("", f.read(0)) + assert_equal("a", f.read(1)) + assert_equal("" , f.read(0)) + assert_equal("" , f.read(0)) + assert_equal("", f.read) + assert_equal("", f.read(0)) + assert_equal("", f.read(0)) + } + open_file("a") {|f| + assert_equal("a", f.read(1)) + assert_nil(f.read(1)) + } + open_file("a") {|f| + assert_equal("a", f.read(2)) + assert_nil(f.read(1)) + assert_equal("", f.read) + assert_nil(f.read(1)) + } + open_file("a") {|f| + assert_equal("a", f.read) + assert_nil(f.read(1)) + assert_equal("", f.read) + assert_nil(f.read(1)) + } + open_file("a") {|f| + assert_equal("a", f.read(2)) + assert_equal("", f.read) + assert_equal("", f.read) + } + open_file("a") {|f| + assert_equal("a", f.read) + assert_equal("", f.read(0)) + } + open_file("a") {|f| + s = "x" + assert_equal("a", f.read(nil, s)) + assert_equal("a", s) + } + open_file("a") {|f| + s = "x" + assert_equal("a", f.read(10, s)) + assert_equal("a", s) + } + end + + def test_eof_2 + open_file("") {|f| + assert_equal("", f.read) + assert_predicate(f, :eof?) + } + end + + def test_eof_3 + open_file("") {|f| + assert_predicate(f, :eof?) + } + end + + module Seek + def open_file_seek(content, pos) + open_file(content) do |f| + f.seek(pos) + yield f + end + end + + def test_eof_0_seek + open_file_seek("", 10) {|f| + assert_equal(10, f.pos) + assert_equal("", f.read(0)) + assert_equal("", f.read) + assert_equal("", f.read(0)) + assert_equal("", f.read) + } + end + + def test_eof_1_seek + open_file_seek("a", 10) {|f| + assert_equal("", f.read) + assert_equal("", f.read) + } + open_file_seek("a", 1) {|f| + assert_equal("", f.read) + assert_equal("", f.read) + } + end + end +end diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index f306b5d3d8..2288a26035 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb @@ -8,11 +8,13 @@ begin OpenSSL.fips_mode=false rescue LoadError end + require "test/unit" require "digest/md5" require 'tempfile' require "rbconfig" require "socket" +require "envutil" module OpenSSL::TestUtils TEST_KEY_RSA1024 = OpenSSL::PKey::RSA.new <<-_end_of_pem_ @@ -260,7 +262,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC return end ssl = ssls.accept - rescue OpenSSL::SSL::SSLError + rescue OpenSSL::SSL::SSLError, Errno::ECONNRESET if ignore_listener_error retry else @@ -348,5 +350,39 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC end end + class OpenSSL::PKeyTestCase < OpenSSL::TestCase + def check_component(base, test, keys) + keys.each { |comp| + assert_equal base.send(comp), test.send(comp) + } + end + + def dup_public(key) + case key + when OpenSSL::PKey::RSA + rsa = OpenSSL::PKey::RSA.new + rsa.set_key(key.n, key.e, nil) + rsa + when OpenSSL::PKey::DSA + dsa = OpenSSL::PKey::DSA.new + dsa.set_pqg(key.p, key.q, key.g) + dsa.set_key(key.pub_key, nil) + dsa + when OpenSSL::PKey::DH + dh = OpenSSL::PKey::DH.new + dh.set_pqg(key.p, nil, key.g) + dh + else + if defined?(OpenSSL::PKey::EC) && OpenSSL::PKey::EC === key + ec = OpenSSL::PKey::EC.new(key.group) + ec.public_key = key.public_key + ec + else + raise "unknown key type" + end + end + end + end + end if defined?(OpenSSL::OPENSSL_LIBRARY_VERSION) and /\AOpenSSL +0\./ !~ OpenSSL::OPENSSL_LIBRARY_VERSION -- cgit v1.2.3